From arut at nginx.com  Tue Aug  1 07:45:11 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Tue, 01 Aug 2023 11:45:11 +0400
Subject: [PATCH 0 of 5] QUIC congestion control fixes
Message-ID: <patchbomb.1690875911@plentiful-waterbuck>

Hello,

Several fixes in QUIC congestion control found while testing under load.  The
biggest issue here is probe-congestion deadlock which caused connection hang.

--
Roman Arutyunyan

From arut at nginx.com  Tue Aug  1 07:45:12 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Tue, 01 Aug 2023 11:45:12 +0400
Subject: [PATCH 1 of 5] QUIC: avoid accessing freed frame
In-Reply-To: <patchbomb.1690875911@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
Message-ID: <5b91a40f2dd249000e92.1690875912@plentiful-waterbuck>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1690874404 -14400
#      Tue Aug 01 11:20:04 2023 +0400
# Node ID 5b91a40f2dd249000e9208a0152dc5cc0c6ea0c4
# Parent  4f078be6e2ed08643371a3956f5f18f2357a38db
QUIC: avoid accessing freed frame.

Previously the field pnum of a potentially freed frame was accessed.  Now the
value is copied to a local variable.  The old behavior did not cause any
problems since the frame memory is not freed, but is moved to a free queue
instead.

diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c
+++ b/src/event/quic/ngx_event_quic_ack.c
@@ -548,6 +548,7 @@ ngx_quic_persistent_congestion(ngx_conne
 void
 ngx_quic_resend_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx)
 {
+    uint64_t                pnum;
     ngx_queue_t            *q;
     ngx_quic_frame_t       *f, *start;
     ngx_quic_stream_t      *qs;
@@ -556,6 +557,7 @@ ngx_quic_resend_frames(ngx_connection_t 
     qc = ngx_quic_get_connection(c);
     q = ngx_queue_head(&ctx->sent);
     start = ngx_queue_data(q, ngx_quic_frame_t, queue);
+    pnum = start->pnum;
 
     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
                    "quic resend packet pnum:%uL", start->pnum);
@@ -565,7 +567,7 @@ ngx_quic_resend_frames(ngx_connection_t 
     do {
         f = ngx_queue_data(q, ngx_quic_frame_t, queue);
 
-        if (f->pnum != start->pnum) {
+        if (f->pnum != pnum) {
             break;
         }
 

From arut at nginx.com  Tue Aug  1 07:45:13 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Tue, 01 Aug 2023 11:45:13 +0400
Subject: [PATCH 2 of 5] QUIC: eliminated spurious recovery period
In-Reply-To: <patchbomb.1690875911@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
Message-ID: <a53bbd94a0fa436535ee.1690875913@plentiful-waterbuck>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1690874486 -14400
#      Tue Aug 01 11:21:26 2023 +0400
# Node ID a53bbd94a0fa436535ee3bbcb6176befdf47c68a
# Parent  5b91a40f2dd249000e9208a0152dc5cc0c6ea0c4
QUIC: eliminated spurious recovery period.

The initial value for recovery_start used to be the current time.  As a result,
the packets sent at the very beginning of a connection belonged to a recovery
period and their ACKs were treated accordingly. The issue manifested itself with
"quic congestion ack recovery" log messages and slower growth of congestion
window.  Now the initial value for recovery_start is set to an earlier time,
which fixes the spurious recovery period.

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -315,7 +315,7 @@ ngx_quic_new_connection(ngx_connection_t
                                     ngx_max(2 * qc->tp.max_udp_payload_size,
                                             14720));
     qc->congestion.ssthresh = (size_t) -1;
-    qc->congestion.recovery_start = ngx_current_msec;
+    qc->congestion.recovery_start = ngx_current_msec - 1;
 
     if (pkt->validated && pkt->retried) {
         qc->tp.retry_scid.len = pkt->dcid.len;

From arut at nginx.com  Tue Aug  1 07:45:14 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Tue, 01 Aug 2023 11:45:14 +0400
Subject: [PATCH 3 of 5] QUIC: fixed PTO expiration condition
In-Reply-To: <patchbomb.1690875911@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
Message-ID: <741deb8ff8257914312a.1690875914@plentiful-waterbuck>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1690874519 -14400
#      Tue Aug 01 11:21:59 2023 +0400
# Node ID 741deb8ff8257914312ab134f3a0b69256c661f4
# Parent  a53bbd94a0fa436535ee3bbcb6176befdf47c68a
QUIC: fixed PTO expiration condition.

Previously, PTO handler analyzed the first packet in the sent queue for the
timeout expiration.  However, the last sent packet should be analyzed instead.
An example is timeout calculation in ngx_quic_set_lost_timer().

diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c
+++ b/src/event/quic/ngx_event_quic_ack.c
@@ -840,7 +840,7 @@ ngx_quic_pto_handler(ngx_event_t *ev)
             continue;
         }
 
-        q = ngx_queue_head(&ctx->sent);
+        q = ngx_queue_last(&ctx->sent);
         f = ngx_queue_data(q, ngx_quic_frame_t, queue);
 
         if (f->pnum <= ctx->largest_ack

From arut at nginx.com  Tue Aug  1 07:45:15 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Tue, 01 Aug 2023 11:45:15 +0400
Subject: [PATCH 4 of 5] QUIC: fixed probe-congestion deadlock
In-Reply-To: <patchbomb.1690875911@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
Message-ID: <cd0ef56b0f1afaa54d7d.1690875915@plentiful-waterbuck>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1690873324 -14400
#      Tue Aug 01 11:02:04 2023 +0400
# Node ID cd0ef56b0f1afaa54d7d2756dad2182628445e04
# Parent  741deb8ff8257914312ab134f3a0b69256c661f4
QUIC: fixed probe-congestion deadlock.

When probe timeout expired while congestion window was exhausted, probe PINGs
could not be sent.  As a result, lost packets could not be declared lost and
congestion window could not be freed for new packets.  This deadlock
continued until connection idle timeout expiration.

Now PINGs are sent separately from the frame queue without congestion control.

diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c
+++ b/src/event/quic/ngx_event_quic_ack.c
@@ -820,9 +820,9 @@ ngx_quic_pto_handler(ngx_event_t *ev)
 {
     ngx_uint_t              i;
     ngx_msec_t              now;
-    ngx_queue_t            *q, *next;
+    ngx_queue_t            *q;
     ngx_connection_t       *c;
-    ngx_quic_frame_t       *f;
+    ngx_quic_frame_t       *f, frame;
     ngx_quic_send_ctx_t    *ctx;
     ngx_quic_connection_t  *qc;
 
@@ -859,63 +859,23 @@ ngx_quic_pto_handler(ngx_event_t *ev)
                        "quic pto %s pto_count:%ui",
                        ngx_quic_level_name(ctx->level), qc->pto_count);
 
-        for (q = ngx_queue_head(&ctx->frames);
-             q != ngx_queue_sentinel(&ctx->frames);
-             /* void */)
-        {
-            next = ngx_queue_next(q);
-            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
+        ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
 
-            if (f->type == NGX_QUIC_FT_PING) {
-                ngx_queue_remove(q);
-                ngx_quic_free_frame(c, f);
-            }
-
-            q = next;
-        }
-
-        for (q = ngx_queue_head(&ctx->sent);
-             q != ngx_queue_sentinel(&ctx->sent);
-             /* void */)
-        {
-            next = ngx_queue_next(q);
-            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
+        frame.level = ctx->level;
+        frame.type = NGX_QUIC_FT_PING;
 
-            if (f->type == NGX_QUIC_FT_PING) {
-                ngx_quic_congestion_lost(c, f);
-                ngx_queue_remove(q);
-                ngx_quic_free_frame(c, f);
-            }
-
-            q = next;
-        }
-
-        /* enforce 2 udp datagrams */
-
-        f = ngx_quic_alloc_frame(c);
-        if (f == NULL) {
-            break;
+        if (ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK
+            || ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK)
+        {
+            ngx_quic_close_connection(c, NGX_ERROR);
+            return;
         }
-
-        f->level = ctx->level;
-        f->type = NGX_QUIC_FT_PING;
-        f->flush = 1;
-
-        ngx_quic_queue_frame(qc, f);
-
-        f = ngx_quic_alloc_frame(c);
-        if (f == NULL) {
-            break;
-        }
-
-        f->level = ctx->level;
-        f->type = NGX_QUIC_FT_PING;
-
-        ngx_quic_queue_frame(qc, f);
     }
 
     qc->pto_count++;
 
+    ngx_quic_set_lost_timer(c);
+
     ngx_quic_connstate_dbg(c);
 }
 
diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c
+++ b/src/event/quic/ngx_event_quic_output.c
@@ -645,10 +645,6 @@ ngx_quic_output_packet(ngx_connection_t 
         f->plen = 0;
 
         nframes++;
-
-        if (f->flush) {
-            break;
-        }
     }
 
     if (nframes == 0) {
diff --git a/src/event/quic/ngx_event_quic_transport.h b/src/event/quic/ngx_event_quic_transport.h
--- a/src/event/quic/ngx_event_quic_transport.h
+++ b/src/event/quic/ngx_event_quic_transport.h
@@ -271,7 +271,6 @@ struct ngx_quic_frame_s {
     ssize_t                                     len;
     unsigned                                    need_ack:1;
     unsigned                                    pkt_need_ack:1;
-    unsigned                                    flush:1;
 
     ngx_chain_t                                *data;
     union {

From arut at nginx.com  Tue Aug  1 07:45:16 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Tue, 01 Aug 2023 11:45:16 +0400
Subject: [PATCH 5 of 5] QUIC: ignore blocked status in congestion event
 handlers
In-Reply-To: <patchbomb.1690875911@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
Message-ID: <80df0852e7ed58631025.1690875916@plentiful-waterbuck>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1690874694 -14400
#      Tue Aug 01 11:24:54 2023 +0400
# Node ID 80df0852e7ed58631025398694da6dd4dab42611
# Parent  cd0ef56b0f1afaa54d7d2756dad2182628445e04
QUIC: ignore blocked status in congestion event handlers.

Sometimes, while congestion window allows to send more bytes, the next frame
still cannot be sent since it's too big.  When this happens, push event is not
triggered from congestion ack/loss event handlers which may delay packet send.

Now the blocked status is ignored and push event is always posted when
congestion window grows bigger.

diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c
+++ b/src/event/quic/ngx_event_quic_ack.c
@@ -307,7 +307,6 @@ ngx_quic_handle_ack_frame_range(ngx_conn
 void
 ngx_quic_congestion_ack(ngx_connection_t *c, ngx_quic_frame_t *f)
 {
-    ngx_uint_t              blocked;
     ngx_msec_t              timer;
     ngx_quic_congestion_t  *cg;
     ngx_quic_connection_t  *qc;
@@ -319,8 +318,6 @@ ngx_quic_congestion_ack(ngx_connection_t
     qc = ngx_quic_get_connection(c);
     cg = &qc->congestion;
 
-    blocked = (cg->in_flight >= cg->window) ? 1 : 0;
-
     cg->in_flight -= f->plen;
 
     timer = f->last - cg->recovery_start;
@@ -358,7 +355,7 @@ ngx_quic_congestion_ack(ngx_connection_t
 
 done:
 
-    if (blocked && cg->in_flight < cg->window) {
+    if (cg->in_flight < cg->window) {
         ngx_post_event(&qc->push, &ngx_posted_events);
     }
 }
@@ -648,7 +645,6 @@ ngx_quic_resend_frames(ngx_connection_t 
 static void
 ngx_quic_congestion_lost(ngx_connection_t *c, ngx_quic_frame_t *f)
 {
-    ngx_uint_t              blocked;
     ngx_msec_t              timer;
     ngx_quic_congestion_t  *cg;
     ngx_quic_connection_t  *qc;
@@ -660,8 +656,6 @@ ngx_quic_congestion_lost(ngx_connection_
     qc = ngx_quic_get_connection(c);
     cg = &qc->congestion;
 
-    blocked = (cg->in_flight >= cg->window) ? 1 : 0;
-
     cg->in_flight -= f->plen;
     f->plen = 0;
 
@@ -690,7 +684,7 @@ ngx_quic_congestion_lost(ngx_connection_
 
 done:
 
-    if (blocked && cg->in_flight < cg->window) {
+    if (cg->in_flight < cg->window) {
         ngx_post_event(&qc->push, &ngx_posted_events);
     }
 }

From pluknet at nginx.com  Wed Aug  2 15:54:45 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Wed, 2 Aug 2023 18:54:45 +0300
Subject: [PATCH 1 of 2] SSL: provided "nginx" appname when loading OpenSSL
 configs
In-Reply-To: <b79ef48b91e45dba4bf8.1690240212@vm-bsd.mdounin.ru>
References: <b79ef48b91e45dba4bf8.1690240212@vm-bsd.mdounin.ru>
Message-ID: <5767CA14-02F4-4F9B-A7F2-946D6DD4EB11@nginx.com>


> On 25 Jul 2023, at 02:10, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> # HG changeset patch
> # User Maxim Dounin <mdounin at mdounin.ru>
> # Date 1687300195 -10800
> #      Wed Jun 21 01:29:55 2023 +0300
> # Node ID b79ef48b91e45dba4bf850be6b2a2cc3b8834f5d
> # Parent  904c99bede1770d92566b56939c5b6ec85f05b55
> SSL: provided "nginx" appname when loading OpenSSL configs.
> 
> Following OpenSSL 0.9.8f, OpenSSL tries to load application-specific
> configuration section first, and then falls back to the "openssl_conf"
> default section if application-specific section is not found, by using
> CONF_modules_load_file(CONF_MFLAGS_DEFAULT_SECTION).  Therefore this
> change is not expected to introduce any compatibility issues with existing
> configurations.  It does, however, makes it easier to configure specific

typo: s/makes/make/

> OpenSSL settings for nginx in system-wide OpenSSL configuration
> (ticket #2449).
> 
> Instead of checking OPENSSL_VERSION_NUMBER when using the OPENSSL_init_ssl()
> interface, the code now tests for OPENSSL_INIT_LOAD_CONFIG to be defined and
> true, and also explicitly excludes LibreSSL.  This ensures that this interface
> is not used with BoringSSL and LibreSSL, which do not provide additional
> library initialization settings, notably the OPENSSL_INIT_set_config_appname()
> call.
> 
> diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
> --- a/src/event/ngx_event_openssl.c
> +++ b/src/event/ngx_event_openssl.c
> @@ -140,13 +140,31 @@ int  ngx_ssl_stapling_index;
> ngx_int_t
> ngx_ssl_init(ngx_log_t *log)
> {
> -#if OPENSSL_VERSION_NUMBER >= 0x10100003L
> -
> -    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL) == 0) {
> +#if (OPENSSL_INIT_LOAD_CONFIG && !defined LIBRESSL_VERSION_NUMBER)
> +
> +    OPENSSL_INIT_SETTINGS  *init;
> +
> +    init = OPENSSL_INIT_new();
> +    if (init == NULL) {
> +        ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_INIT_new() failed");
> +        return NGX_ERROR;
> +    }
> +
> +#ifndef OPENSSL_NO_STDIO
> +    if (OPENSSL_INIT_set_config_appname(init, "nginx") == 0) {
> +        ngx_ssl_error(NGX_LOG_ALERT, log, 0,
> +                      "OPENSSL_INIT_set_config_appname() failed");
> +        return NGX_ERROR;
> +    }
> +#endif
> +
> +    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, init) == 0) {
>         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_init_ssl() failed");
>         return NGX_ERROR;
>     }
> 
> +    OPENSSL_INIT_free(init);
> +
>     /*
>      * OPENSSL_init_ssl() may leave errors in the error queue
>      * while returning success
> @@ -156,7 +174,7 @@ ngx_ssl_init(ngx_log_t *log)
> 
> #else
> 
> -    OPENSSL_config(NULL);
> +    OPENSSL_config("nginx");
> 
>     SSL_library_init();
>     SSL_load_error_strings();

Looks good.

-- 
Sergey Kandaurov

From pluknet at nginx.com  Wed Aug  2 15:55:04 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Wed, 2 Aug 2023 18:55:04 +0300
Subject: [PATCH 2 of 2] SSL: avoid using OpenSSL config in build directory
 (ticket #2404)
In-Reply-To: <bd2cc76ebe2367dc303e.1690240213@vm-bsd.mdounin.ru>
References: <b79ef48b91e45dba4bf8.1690240212@vm-bsd.mdounin.ru>
 <bd2cc76ebe2367dc303e.1690240213@vm-bsd.mdounin.ru>
Message-ID: <AC20A843-2D11-400E-936D-EE4EFEC7CA20@nginx.com>


> On 25 Jul 2023, at 02:10, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> # HG changeset patch
> # User Maxim Dounin <mdounin at mdounin.ru>
> # Date 1687300193 -10800
> #      Wed Jun 21 01:29:53 2023 +0300
> # Node ID bd2cc76ebe2367dc303e2746928b17ca8976b604
> # Parent  b79ef48b91e45dba4bf850be6b2a2cc3b8834f5d
> SSL: avoid using OpenSSL config in build directory (ticket #2404).
> 
> With this change, the NGX_OPENSSL_NO_CONFIG macro is defined when nginx
> is asked to build OpenSSL itself.  And with this macro automatic loading
> of OpenSSL configuration (from the build directory) is prevented unless
> the OPENSSL_CONF environment variable is explicitly set.
> 
> Note that not loading configuration is broken in OpenSSL 1.1.1 and 1.1.1a
> (fixed in OpenSSL 1.1.1b, see https://github.com/openssl/openssl/issues/7350).
> If nginx is used to compile these OpenSSL versions, configuring nginx with
> NGX_OPENSSL_NO_CONFIG explicitly set to 0 might be used as a workaround.

Not sure how the last paragraph is relevant as the patch doesn't change
the number of OPENSSL_init_ssl() calls.  Otherwise looks good.

> 
> diff --git a/auto/lib/openssl/conf b/auto/lib/openssl/conf
> --- a/auto/lib/openssl/conf
> +++ b/auto/lib/openssl/conf
> @@ -8,6 +8,8 @@ if [ $OPENSSL != NONE ]; then
>     have=NGX_OPENSSL . auto/have
>     have=NGX_SSL . auto/have
> 
> +    have=NGX_OPENSSL_NO_CONFIG . auto/have
> +
>     if [ $USE_OPENSSL_QUIC = YES ]; then
>         have=NGX_QUIC . auto/have
>         have=NGX_QUIC_OPENSSL_COMPAT . auto/have
> diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
> --- a/src/event/ngx_event_openssl.c
> +++ b/src/event/ngx_event_openssl.c
> @@ -142,8 +142,19 @@ ngx_ssl_init(ngx_log_t *log)
> {
> #if (OPENSSL_INIT_LOAD_CONFIG && !defined LIBRESSL_VERSION_NUMBER)
> 
> +    uint64_t                opts;
>     OPENSSL_INIT_SETTINGS  *init;
> 
> +    opts = OPENSSL_INIT_LOAD_CONFIG;
> +
> +#if (NGX_OPENSSL_NO_CONFIG)
> +
> +    if (getenv("OPENSSL_CONF") == NULL) {
> +        opts = OPENSSL_INIT_NO_LOAD_CONFIG;
> +    }
> +
> +#endif
> +
>     init = OPENSSL_INIT_new();
>     if (init == NULL) {
>         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_INIT_new() failed");
> @@ -158,7 +169,7 @@ ngx_ssl_init(ngx_log_t *log)
>     }
> #endif
> 
> -    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, init) == 0) {
> +    if (OPENSSL_init_ssl(opts, init) == 0) {
>         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_init_ssl() failed");
>         return NGX_ERROR;
>     }
> @@ -174,6 +185,14 @@ ngx_ssl_init(ngx_log_t *log)
> 
> #else
> 
> +#if (NGX_OPENSSL_NO_CONFIG)
> +
> +    if (getenv("OPENSSL_CONF") == NULL) {
> +        OPENSSL_no_config();
> +    }
> +
> +#endif
> +
>     OPENSSL_config("nginx");
> 
>     SSL_library_init();

-- 
Sergey Kandaurov

From arut at nginx.com  Wed Aug  2 17:12:25 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Wed, 2 Aug 2023 21:12:25 +0400
Subject: [PATCH] Added debug_random directive
In-Reply-To: <LO0P123MB63190031849B0A8B468A1B219E02A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>
References: <LO0P123MB63194D794B1808A023A7FC9C9E35A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>
 <LO0P123MB63193421DA656E482B9357FF9E38A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>
 <LO0P123MB63190031849B0A8B468A1B219E02A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>
Message-ID: <20230802171225.cbxwdhz5k4f2hcx4@N00W24XTQX>

On Mon, Jul 24, 2023 at 05:24:04AM +0100, J Carter wrote:

[..]

> # HG changeset patch
> # User J Carter <jordanc.carter at outlook.com>
> # Date 1690171706 -3600
> #      Mon Jul 24 05:08:26 2023 +0100
> # Node ID ea91b9aa69d8ce9dc9878209a83b7d538e6bc7e1
> # Parent  77c1418916f7817a0d020f28d8a08f278a12fe43
> Added debug_random directive

This line needs a prefix, for example:

Events: debug_random directive.

See "hg log" for common prefixes used in nginx commits.

> More bug fixes and style changes.
> 
> diff -r 77c1418916f7 -r ea91b9aa69d8 src/event/ngx_event.c
> --- a/src/event/ngx_event.c	Thu Jun 08 14:58:01 2023 +0400
> +++ b/src/event/ngx_event.c	Mon Jul 24 05:08:26 2023 +0100
> @@ -30,6 +30,8 @@
>  static char *ngx_event_use(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
>  static char *ngx_event_debug_connection(ngx_conf_t *cf, ngx_command_t *cmd,
>      void *conf);
> +static char *ngx_event_debug_random(ngx_conf_t *cf, ngx_command_t *cmd,
> +    void *conf);
>  
>  static void *ngx_event_core_create_conf(ngx_cycle_t *cycle);
>  static char *ngx_event_core_init_conf(ngx_cycle_t *cycle, void *conf);
> @@ -162,6 +164,13 @@
>        0,
>        NULL },
>  
> +      { ngx_string("debug_random"),
> +      NGX_EVENT_CONF|NGX_CONF_TAKE1,
> +      ngx_event_debug_random,
> +      0,
> +      0,
> +      NULL },
> +
>        ngx_null_command
>  };
>  
> @@ -496,6 +505,7 @@
>      size_t               size, cl;
>      ngx_shm_t            shm;
>      ngx_time_t          *tp;
> +    ngx_cidr_t          *cidr;
>      ngx_core_conf_t     *ccf;
>      ngx_event_conf_t    *ecf;
>  
> @@ -507,6 +517,33 @@
>                        "using the \"%s\" event method", ecf->name);
>      }
>  
> +    if (ecf->debug_connection.nelts == 0
> +        && ecf->debug_scaled_pct > 0)
> +    {
> +        cidr = ngx_array_push(&ecf->debug_connection);
> +        if (cidr == NULL) {
> +            return NGX_ERROR;
> +        }
> +        /*0.0.0.0/0*/
> +        ngx_memzero(cidr, sizeof(ngx_cidr_t));
> +        cidr->family = AF_INET;
> +
> +#ifdef NGX_HAVE_INET6
> +        cidr = ngx_array_push(&ecf->debug_connection);
> +        if (cidr == NULL) {
> +            return NGX_ERROR;
> +        }
> +        /*::/0*/
> +        ngx_memzero(cidr, sizeof(ngx_cidr_t));
> +        cidr->family = AF_INET6;
> +#endif
> +
> +    } else if (ecf->debug_connection.nelts > 0
> +               && ecf->debug_scaled_pct == 0)
> +    {
> +        ecf->debug_scaled_pct = NGX_MAX_INT32_VALUE;
> +    }
> +

Why do we need this code?  It looks to me like everything can be done in
ngx_debug_accepted_connection().

>      ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module);
>  
>      ngx_timer_resolution = ccf->timer_resolution;
> @@ -1254,6 +1291,55 @@
>  }
>  
>  
> +static char *
> +ngx_event_debug_random(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
> +{
> +#if (NGX_DEBUG)
> +    ngx_event_conf_t  *ecf = conf;
> +
> +    u_char               *c;
> +    ngx_int_t             pct;
> +    ngx_uint_t            len;
> +    ngx_str_t            *value;
> +
> +    if (ecf->debug_scaled_pct != NGX_CONF_UNSET_UINT) {
> +        return "is duplicate";
> +    }
> +
> +    value = cf->args->elts;
> +    c = value[1].data;
> +    len = value[1].len;
> +
> +    if (c[len-1] != '%') {
> +        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
> +                               "%V missing '%%'",
> +                               &value[1]);
> +        return NGX_CONF_ERROR;
> +    }
> +
> +    pct = ngx_atofp(c, len-1, 2);
> +
> +    if (pct == NGX_ERROR || pct == 0 || pct > 9999) {
> +        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
> +                               "%V is an invalid value",
> +                               &value[1]);
> +        return NGX_CONF_ERROR;
> +    }
> +
> +    ecf->debug_scaled_pct = NGX_MAX_INT32_VALUE / 10000 * pct;

We already have a similar handler that parses percent argument, see              
ngx_stream_split_clients().  Style-wise it's a good idea to follow the           
style/naming of existing code. 

Also, why not store 0-10000 value range in configuration and use
ngx_random() % 10000 in runtime?

> +#else
> +
> +    ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
> +                       "\"debug_random\" is ignored, you need to rebuild "
> +                       "nginx using --with-debug option to enable it");
> +
> +#endif
> +
> +    return NGX_CONF_OK;
> +}
> +
> +
>  static void *
>  ngx_event_core_create_conf(ngx_cycle_t *cycle)
>  {
> @@ -1279,6 +1365,8 @@
>          return NULL;
>      }
>  
> +    ecf->debug_scaled_pct = NGX_CONF_UNSET_UINT;
> +
>  #endif
>  
>      return ecf;
> @@ -1369,5 +1457,7 @@
>      ngx_conf_init_value(ecf->accept_mutex, 0);
>      ngx_conf_init_msec_value(ecf->accept_mutex_delay, 500);
>  
> +    ngx_conf_init_uint_value(ecf->debug_scaled_pct, 0);
> +
>      return NGX_CONF_OK;
>  }
> diff -r 77c1418916f7 -r ea91b9aa69d8 src/event/ngx_event.h
> --- a/src/event/ngx_event.h	Thu Jun 08 14:58:01 2023 +0400
> +++ b/src/event/ngx_event.h	Mon Jul 24 05:08:26 2023 +0100
> @@ -438,6 +438,7 @@
>      u_char       *name;
>  
>  #if (NGX_DEBUG)
> +    ngx_uint_t    debug_scaled_pct;
>      ngx_array_t   debug_connection;
>  #endif
>  } ngx_event_conf_t;
> diff -r 77c1418916f7 -r ea91b9aa69d8 src/event/ngx_event_accept.c
> --- a/src/event/ngx_event_accept.c	Thu Jun 08 14:58:01 2023 +0400
> +++ b/src/event/ngx_event_accept.c	Mon Jul 24 05:08:26 2023 +0100
> @@ -523,6 +523,7 @@
>      struct sockaddr_in6  *sin6;
>      ngx_uint_t            n;
>  #endif
> +    ngx_uint_t r = ngx_random();

Style: we do not initialize non-static local variables like that.
Instead, a variable is initialized explicitly in the code after declaration.

>  
>      cidr = ecf->debug_connection.elts;
>      for (i = 0; i < ecf->debug_connection.nelts; i++) {
> @@ -548,6 +549,7 @@
>  
>  #if (NGX_HAVE_UNIX_DOMAIN)
>          case AF_UNIX:
> +            r = 0;
>              break;
>  #endif
>  
> @@ -561,7 +563,10 @@
>              break;
>          }
>  
> -        c->log->log_level = NGX_LOG_DEBUG_CONNECTION|NGX_LOG_DEBUG_ALL;
> +        if (r <= ecf->debug_scaled_pct) {
> +            c->log->log_level = NGX_LOG_DEBUG_CONNECTION|NGX_LOG_DEBUG_ALL;
> +        }
> +
>          break;
>  
>      next:
> 


> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel


--
Roman Arutyunyan

From mdounin at mdounin.ru  Wed Aug  2 17:37:10 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 2 Aug 2023 20:37:10 +0300
Subject: [PATCH 1 of 3] CSS as file.
In-Reply-To: <BY3PR01MB6674D0B67BA5296084AC63A3A502A@BY3PR01MB6674.prod.exchangelabs.com>
References: <BY3PR01MB667424E626632E5343465173A502A@BY3PR01MB6674.prod.exchangelabs.com>
 <BY3PR01MB6674D0B67BA5296084AC63A3A502A@BY3PR01MB6674.prod.exchangelabs.com>
Message-ID: <ZMqURlEvA75xlo5K@mdounin.ru>

Hello!

On Mon, Jul 24, 2023 at 02:23:12PM +0000, Liam Crilly via nginx-devel wrote:

> # HG changeset patch
> # User Liam Crilly <liam.crilly at nginx.com>
> # Date 1690207197 -3600
> #      Mon Jul 24 14:59:57 2023 +0100
> # Node ID df1cf98cf8f50eb1770d966aed583d21e481558b
> # Parent  1f672755959a64aec3f0aeceab1dbdc13cb36414
> CSS as file.
> 
> Extracts the inline styles from style.xsls into separate files for
> ease of style-development and to take advantage of browser caching.
> Hebrew and Chinese variants are preserved.
> 
> Stylesheets are located in a new top-level directory (/css) and are
> compressed during the gzip process.

Thanks, but no.

This change results in 4 distinct static language-specific CSS 
files, with no obvious way to keep them in sync.  At the same 
time, claimed benefits does not seem to be noticeable, in 
particular:

- Surely styles can be developed in any convenient way, and 
  results merged into xsls/style.xsls;

- Styles now are about 800 bytes gzipped, and this is hardly 
  noticeable neither for small pages like index.html (2.7k gzipped 
  original, 1.9k gzipped with patch), nor large pages like 
  ngx_http_core_module.html (24k gzipped), and hardly justifies a 
  separate request.

Overall, I think that this change will result in more complex 
support and the same or worse site performance, and therefore 
I'm against this change.

[...]

-- 
Maxim Dounin
http://mdounin.ru/

From mdounin at mdounin.ru  Wed Aug  2 17:37:28 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 2 Aug 2023 20:37:28 +0300
Subject: [PATCH 2 of 3] Responsive menu.
In-Reply-To: <BY3PR01MB6674B4CA03F27E73F9D3A0F7A502A@BY3PR01MB6674.prod.exchangelabs.com>
References: <BY3PR01MB667424E626632E5343465173A502A@BY3PR01MB6674.prod.exchangelabs.com>
 <BY3PR01MB6674D0B67BA5296084AC63A3A502A@BY3PR01MB6674.prod.exchangelabs.com>
 <BY3PR01MB6674B4CA03F27E73F9D3A0F7A502A@BY3PR01MB6674.prod.exchangelabs.com>
Message-ID: <ZMqUWJpyAlBo8gYj@mdounin.ru>

Hello!

On Mon, Jul 24, 2023 at 02:25:16PM +0000, Liam Crilly via nginx-devel wrote:

> # HG changeset patch
> # User Liam Crilly <liam.crilly at nginx.com>
> # Date 1690207285 -3600
> #      Mon Jul 24 15:01:25 2023 +0100
> # Node ID c4018ab31dc52632f470298fcc7cece1fd8f57b9
> # Parent  df1cf98cf8f50eb1770d966aed583d21e481558b
> Responsive menu.
> 
> Nav menu is now hidden on narrow displays, collapsing to a "hamburger"
> menu icon in the banner. Menu items are now an unordered list instead of
> simple text markup.

In no particular order:

- It looks like this changeset contains more than one logical 
  change.  It is generally a good idea to keep distinct changes in 
  separate changesets as long as it is possible.  A useful rule of 
  thumb is to consider using more than one changeset as long as 
  you have to mention more than one item in the commit log.

- It looks like there are multiple style issues in the change: it 
  fails to follow the style you've just introduced in the previous 
  changeset, and uses style definitions without spaces and empty 
  lines.

- Design-wise, banner is expected to be on top of the site, above 
  anything.  That's basically reflects the fact that it was, in 
  fact, added to the site as external element.  With the suggested 
  change, this is no longer true, and hamburger interferes with 
  banner.  This needs a better solution.  Removing the banner 
  might be an option, it clearly meaningless now.

- Resulting menu seems to be non-scrollable on small screens, and 
  detaches from the hamburger when the page is scrolled.

- This change demonstrates very well that using multiple 
  language-specific styles makes development hard: we are already 
  seeing bit rot for he and cn languages, and duplicate work for 
  en/ru.

See below for more comments.

> 
> diff -r df1cf98cf8f5 -r c4018ab31dc5 css/style_en.css
> --- a/css/style_en.css	Mon Jul 24 14:59:57 2023 +0100
> +++ b/css/style_en.css	Mon Jul 24 15:01:25 2023 +0100
> @@ -29,10 +29,22 @@
>  
>  #menu {
>      float: right;
> -    width: 11em;
> -    padding: 0 .5em 1em .5em;
> +    width: 13em;
> +    padding: 0;
>      border-left: 2px solid #DDD;
>  }
> +.nav ul{
> +    margin:0;
> +    padding:20px;
> +}
> +.nav h1{
> +    padding:0 20px;
> +}
> +.nav ul li{
> +    list-style-type:none;
> +    padding:0;
> +    margin:0;
> +}
>  
>   #content {
>      margin-right: 13.5em;
> @@ -43,9 +55,7 @@
>      display: block;
>      font-size: 3em;
>      text-align: left;
> -    height: .7em;
> -    margin: 0;
> -    margin-bottom: .5em;
> +    margin: 0.5rem 0 0 0;
>  }
>  
>  h1 img {
> @@ -205,3 +215,125 @@
>      width:100%;
>      height:100%;
>  }
> +
> + at media screen and (max-width:768px) {

Overall, I would expect minimal media-specific changes for already 
defined elements, such as display changes.

> +    #main {
> +        padding: 20px;
> +        min-width: inherit;
> +    }
> +    #main #content {
> +        width: 100%!important;
> +        padding: 0;
> +        border: none;
> +    }
> +
> +    #banner-content {
> +        max-width: 70vw;
> +    }
> +
> +    #menu {
> +        text-align: left;
> +    }
> +
> +    /* Menu Mobile */

It might be a good idea to avoid useless comments.

> +    :root {
> +        --white: #f9f9f9;
> +        --black: #000;
> +        --gray: #85888C;
> +        --green: #b6d7a8;
> +        color-scheme: light dark;
> +    } /* variables*/
> +
> +    /* Nav menu */
> +    .nav {
> +        width: 15rem;
> +        height: 100%;
> +        max-height: 0;
> +        position: fixed;

This uses "position: fixed;", and therefore menu cannot be 
scrolled when it does not fit on screen.

Also, hamburger uses "position: absolute;", and together with 
fixed menu this results in hamburger and menu being when the page 
itself is scrolled.

> +        top: 50px;
> +        right: 0;
> +        border-left: 1px solid #909090;
> +        background-color: var(--white);

Using variable colors along with non-variable looks wrong.

> +        overflow: hidden;
> +        transition: .5s ease-in-out;
> +    }
> +    .nav ul {
> +        margin: 0;
> +        padding: 20px;
> +    }
> +    .nav h1 {
> +        padding: 0 20px;
> +    }
> +    .nav ul li {
> +        list-style-type: none;
> +        padding:0;
> +        margin:0;
> +    }
> +
> +    .hamb {
> +        cursor: pointer;
> +        float: right;
> +        position: absolute;
> +        top: 0;
> +        right: 20px;
> +        height: 30px;
> +        width: 70px;
> +        padding-left: 20px;
> +        padding-top: 20px;
> +        z-index: 1100;
> +    }
> +    .hamb-line {
> +        background: var(--green);
> +        display: block;
> +        height: 5px;
> +        position: relative;
> +        width: 44px;
> +        border-radius:3px;
> +
> +    }
> +    .hamb-line::before,.hamb-line::after {
> +        background: var(--green);
> +        content: '';
> +        display: block;
> +        height: 100%;
> +        position: absolute;
> +        transition: all .2s ease-in-out;
> +        width: 100%;
> +        border-radius:3px;
> +    }
> +    .hamb-line::before{
> +        top: 10px;
> +    }
> +    .hamb-line::after{
> +        top: -10px;
> +    }
> +    .side-menu {
> +        display: none;
> +    } /* Hide checkbox */
> +    .side-menu:checked ~ .nav{
> +        max-height: 100%;
> +        top: 50px;
> +
> +    }
> +    .side-menu:checked ~ .hamb .hamb-line {
> +        background: transparent;
> +    }
> +    .side-menu:checked ~ .hamb .hamb-line::before {
> +        transform: rotate(-45deg);
> +        top: 0;
> +    }
> +    .side-menu:checked ~ .hamb .hamb-line::after {
> +        transform: rotate(45deg);
> +        top: 0;
> +    }
> +
> +    code {
> +        white-space: pre-line;
> +    }
> +}
> +
> + at media screen and (min-width:768px){
> +    .side-menu,.hamb-line {
> +        display: none;
> +    }
> +}
> diff -r df1cf98cf8f5 -r c4018ab31dc5 css/style_ru.css
> --- a/css/style_ru.css	Mon Jul 24 14:59:57 2023 +0100
> +++ b/css/style_ru.css	Mon Jul 24 15:01:25 2023 +0100

Skipped style_ru.css, as it is exactly identical to style_en.css.

[...]

> diff -r df1cf98cf8f5 -r c4018ab31dc5 xsls/banner.xsls
> --- a/xsls/banner.xsls	Mon Jul 24 14:59:57 2023 +0100
> +++ b/xsls/banner.xsls	Mon Jul 24 15:01:25 2023 +0100
> @@ -21,7 +21,7 @@
>              fetch("!banner_link ()")
>                  .then((response) => response.text())
>                  .then((resp) => \{
> -                    document.getElementById("banner").innerHTML = resp;
> +                    document.getElementById("banner-content").innerHTML = resp;
>                  \})
>                  .catch((error) => \{
>                      console.warn(error);
> diff -r df1cf98cf8f5 -r c4018ab31dc5 xsls/body.xsls
> --- a/xsls/body.xsls	Mon Jul 24 14:59:57 2023 +0100
> +++ b/xsls/body.xsls	Mon Jul 24 15:01:25 2023 +0100
> @@ -18,20 +18,27 @@
>      <body>
>  
>      <div id="banner">
> +        <div id="banner-content"></div>
>      </div>
>  
>      <div id="main">
> -    <div id="menu">
> +    <div id="menu" >

Unrelated whitespace change.

> +        <input class="side-menu" type="checkbox" id="side-menu"/>
> +        <label class="hamb" for="side-menu"><span class="hamb-line"></span></label>
> +        <nav class="nav">
>          <h1>
>              X:if "@lang = 'he'" { X:attribute "align" { X:text{left} } }
>              <a href="/">
> -                <img src="/nginx.png" alt="nginx" />
> +                <img src="/nginx.png" alt="nginx"/>

And here, and in other places.

>              </a>
>          </h1>
>          <div>
> -        !! "document(concat($XML, '/menu.xml'))
> +        <ul class="mobilemenu">

Using "mobilemenu" name here is clearly wrong, as it's not just 
mobile.

> +            !! "document(concat($XML, '/menu.xml'))
>                          /menus/menu[@lang = $lang]/item";
> +        </ul>
>          </div>
> +        </nav>
>      </div>
>  
>      <div id="content">
> diff -r df1cf98cf8f5 -r c4018ab31dc5 xsls/menu.xsls
> --- a/xsls/menu.xsls	Mon Jul 24 14:59:57 2023 +0100
> +++ b/xsls/menu.xsls	Mon Jul 24 15:01:25 2023 +0100
> @@ -13,6 +13,8 @@
>        --     "menu/item[@href = $LINK]", etc.
>        -->
>  
> +    <li>
> +
>      X:if "@href = $LINK" {
>          X:if "$YEAR and @href='/'" {
>              <a href="./"> news </a> <br/>
> @@ -21,7 +23,6 @@
>          }
>  
>      } else {
> -
>          <!--
>            -- If a menu item has the switchlang attribute, then it will point
>            -- to the same document in the specified language.
> @@ -66,33 +67,34 @@
>  
>              X:if "@lang" { X:text { [} !{@lang} X:text {]}}
>          }
> -
> -        <br/>
>      }
> +    </li>
>  }
>  
>  
>  X:template = "menu/item[@year]" {
>      X:if "$YEAR or $LINK='/'" {
> +        <li>
>          X:if "$YEAR=@year" {
> -            !{@year} <br/>
> +            !{@year}
>          } else {
>              X:if "@href" { <a href="{@href}"> !{@year} </a> }
> -            <br/>

With this change, an empty line separating years from the rest of 
the menu is lost.  As of now, the empty line is provided for:

<item year="" />

item in menu.xml.

>          }
> +        </li>
>      }
>  }
>  
>  
>  X:template = "menu/item[starts-with(@href, 'http://') or starts-with(@href, 'https://')]" {
> +    <li>
>      <a href="{@href}"> !{ normalize-space(text()) } </a>
>      X:if "@lang" { X:text { [} !{@lang} X:text {]}}
> -    <br/>
> +    </li>
>  }
>  
>  
>  X:template = "menu/item[not(@href) and not(@year)]" {
> -    !{ normalize-space(text()) } <br/>
> +    <li>!{ normalize-space(text()) } <br/></li>
>  }
>  
>  }
> diff -r df1cf98cf8f5 -r c4018ab31dc5 xsls/style.xsls
> --- a/xsls/style.xsls	Mon Jul 24 14:59:57 2023 +0100
> +++ b/xsls/style.xsls	Mon Jul 24 15:01:25 2023 +0100
> @@ -7,6 +7,7 @@
>  
>  X:template style (lang) {
>  
> +    <meta name="viewport" content="width=device-width,initial-scale=1"></meta>
>      <link rel="stylesheet" href="/css/style_{$lang}.css"></link>
>  
>  }

Overall, this clearly needs more work, and probably needs to be 
split into smaller changes.

-- 
Maxim Dounin
http://mdounin.ru/

From mdounin at mdounin.ru  Wed Aug  2 17:37:39 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 2 Aug 2023 20:37:39 +0300
Subject: [PATCH 3 of 3] Stylesheet style changes.
In-Reply-To: <BY3PR01MB6674C84893445FCA306897E4A502A@BY3PR01MB6674.prod.exchangelabs.com>
References: <BY3PR01MB667424E626632E5343465173A502A@BY3PR01MB6674.prod.exchangelabs.com>
 <BY3PR01MB6674D0B67BA5296084AC63A3A502A@BY3PR01MB6674.prod.exchangelabs.com>
 <BY3PR01MB6674B4CA03F27E73F9D3A0F7A502A@BY3PR01MB6674.prod.exchangelabs.com>
 <BY3PR01MB6674C84893445FCA306897E4A502A@BY3PR01MB6674.prod.exchangelabs.com>
Message-ID: <ZMqUYwUN0zUJ/aWj@mdounin.ru>

Hello!

On Mon, Jul 24, 2023 at 02:26:41PM +0000, Liam Crilly via nginx-devel wrote:

> # HG changeset patch
> # User Liam Crilly <liam.crilly at nginx.com>
> # Date 1690207410 -3600
> #      Mon Jul 24 15:03:30 2023 +0100
> # Node ID 29929155db5ad60e9f9c201d74fb73889287848f
> # Parent  c4018ab31dc52632f470298fcc7cece1fd8f57b9
> Stylesheet style changes.
> 
> Optimized for readability, including support for dark mode.

Overall, I tend to think these changes indeed improve readability.

But certainly there are objections to some of the changes, such as 
grey background and border for configuration examples (which was 
specifically avoided during previous changes to styles), or grey 
background and padding for "<code>" in-line elements (which simply 
looks ugly, especially when the element is in quotes).

Overall, this needs more work, notably needs to be split into 
multiple patches with one patch per logical change to make reviews 
actually possible.

> 
> diff -r c4018ab31dc5 -r 29929155db5a css/style_en.css
> --- a/css/style_en.css	Mon Jul 24 15:01:25 2023 +0100
> +++ b/css/style_en.css	Mon Jul 24 15:03:30 2023 +0100
> @@ -9,13 +9,12 @@
>  }
>  
>  #banner {
> -    background: black;
> -    color: #F2F2F2;
> +    background: #000;
> +    color: #f2f2f2;
>      line-height: 1.2em;
>      padding: .3em 0;
> -    box-shadow: 0 5px 10px black;
> +    box-shadow: 0 5px 10px #000;

These are clearly style changes.  If at all, please keep style 
changes separate from functional changes.

>  }
> -
>  #banner a {
>      color: #00B140;
>  }

And this is an unrelated whitespace corruption.

> @@ -24,7 +23,7 @@
>      text-align: left;
>      margin: 0 auto;
>      min-width: 32em;
> -    max-width: 64em;
> +    max-width: 66em;
>  }
>  
>  #menu {
> @@ -46,9 +45,9 @@
>      margin:0;
>  }
>  
> - #content {
> +#content {

This change looks like a result of whitespace damage in the first 
patch of the series, and needs to be fixed there (if at all).

>      margin-right: 13.5em;
> -    padding: 0 .2em 0 1.5em;
> +    padding: 0 2.5em 0 1.5em;
>  }
>  
>  h1 {
> @@ -63,11 +62,23 @@
>  }
>  
>  h2 {
> -    text-align: center;
> +    font-size: 2rem;
> +    line-height: 3.25rem;
> +    margin: 1rem 0 .5rem 0;
> +}
> +
> +h4 {
> +    font-size: 1.5rem;
> +    margin: 2rem 0 .5rem 0;
> +}
> +/* Center field override */
> +center h4 {
> +    text-align: left!important;
>  }

As mentioned in the review of the previous patch, please avoid 
useless comments.

Also, this particular style rule probably shouldn't be here at 
all: instead, consider removing "<center>" tag from the markup in 
relevant xsls files.

[...]

-- 
Maxim Dounin
http://mdounin.ru/

From mdounin at mdounin.ru  Wed Aug  2 18:17:00 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 2 Aug 2023 21:17:00 +0300
Subject: [PATCH 1 of 2] SSL: provided "nginx" appname when loading
 OpenSSL configs
In-Reply-To: <5767CA14-02F4-4F9B-A7F2-946D6DD4EB11@nginx.com>
References: <b79ef48b91e45dba4bf8.1690240212@vm-bsd.mdounin.ru>
 <5767CA14-02F4-4F9B-A7F2-946D6DD4EB11@nginx.com>
Message-ID: <ZMqdnJi+V89CXcUI@mdounin.ru>

Hello!

On Wed, Aug 02, 2023 at 06:54:45PM +0300, Sergey Kandaurov wrote:

> > On 25 Jul 2023, at 02:10, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > 
> > # HG changeset patch
> > # User Maxim Dounin <mdounin at mdounin.ru>
> > # Date 1687300195 -10800
> > #      Wed Jun 21 01:29:55 2023 +0300
> > # Node ID b79ef48b91e45dba4bf850be6b2a2cc3b8834f5d
> > # Parent  904c99bede1770d92566b56939c5b6ec85f05b55
> > SSL: provided "nginx" appname when loading OpenSSL configs.
> > 
> > Following OpenSSL 0.9.8f, OpenSSL tries to load application-specific
> > configuration section first, and then falls back to the "openssl_conf"
> > default section if application-specific section is not found, by using
> > CONF_modules_load_file(CONF_MFLAGS_DEFAULT_SECTION).  Therefore this
> > change is not expected to introduce any compatibility issues with existing
> > configurations.  It does, however, makes it easier to configure specific
> 
> typo: s/makes/make/

Fixed, thnx.

> 
> > OpenSSL settings for nginx in system-wide OpenSSL configuration
> > (ticket #2449).
> > 
> > Instead of checking OPENSSL_VERSION_NUMBER when using the OPENSSL_init_ssl()
> > interface, the code now tests for OPENSSL_INIT_LOAD_CONFIG to be defined and
> > true, and also explicitly excludes LibreSSL.  This ensures that this interface
> > is not used with BoringSSL and LibreSSL, which do not provide additional
> > library initialization settings, notably the OPENSSL_INIT_set_config_appname()
> > call.
> > 
> > diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
> > --- a/src/event/ngx_event_openssl.c
> > +++ b/src/event/ngx_event_openssl.c
> > @@ -140,13 +140,31 @@ int  ngx_ssl_stapling_index;
> > ngx_int_t
> > ngx_ssl_init(ngx_log_t *log)
> > {
> > -#if OPENSSL_VERSION_NUMBER >= 0x10100003L
> > -
> > -    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL) == 0) {
> > +#if (OPENSSL_INIT_LOAD_CONFIG && !defined LIBRESSL_VERSION_NUMBER)
> > +
> > +    OPENSSL_INIT_SETTINGS  *init;
> > +
> > +    init = OPENSSL_INIT_new();
> > +    if (init == NULL) {
> > +        ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_INIT_new() failed");
> > +        return NGX_ERROR;
> > +    }
> > +
> > +#ifndef OPENSSL_NO_STDIO
> > +    if (OPENSSL_INIT_set_config_appname(init, "nginx") == 0) {
> > +        ngx_ssl_error(NGX_LOG_ALERT, log, 0,
> > +                      "OPENSSL_INIT_set_config_appname() failed");
> > +        return NGX_ERROR;
> > +    }
> > +#endif
> > +
> > +    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, init) == 0) {
> >         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_init_ssl() failed");
> >         return NGX_ERROR;
> >     }
> > 
> > +    OPENSSL_INIT_free(init);
> > +
> >     /*
> >      * OPENSSL_init_ssl() may leave errors in the error queue
> >      * while returning success
> > @@ -156,7 +174,7 @@ ngx_ssl_init(ngx_log_t *log)
> > 
> > #else
> > 
> > -    OPENSSL_config(NULL);
> > +    OPENSSL_config("nginx");
> > 
> >     SSL_library_init();
> >     SSL_load_error_strings();
> 
> Looks good.

Pushed to http://mdounin.ru/hg/nginx, thanks.

-- 
Maxim Dounin
http://mdounin.ru/

From mdounin at mdounin.ru  Wed Aug  2 18:17:08 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 2 Aug 2023 21:17:08 +0300
Subject: [PATCH 2 of 2] SSL: avoid using OpenSSL config in build
 directory (ticket #2404)
In-Reply-To: <AC20A843-2D11-400E-936D-EE4EFEC7CA20@nginx.com>
References: <b79ef48b91e45dba4bf8.1690240212@vm-bsd.mdounin.ru>
 <bd2cc76ebe2367dc303e.1690240213@vm-bsd.mdounin.ru>
 <AC20A843-2D11-400E-936D-EE4EFEC7CA20@nginx.com>
Message-ID: <ZMqdpH89IigZKjo0@mdounin.ru>

Hello!

On Wed, Aug 02, 2023 at 06:55:04PM +0300, Sergey Kandaurov wrote:

> > On 25 Jul 2023, at 02:10, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > 
> > # HG changeset patch
> > # User Maxim Dounin <mdounin at mdounin.ru>
> > # Date 1687300193 -10800
> > #      Wed Jun 21 01:29:53 2023 +0300
> > # Node ID bd2cc76ebe2367dc303e2746928b17ca8976b604
> > # Parent  b79ef48b91e45dba4bf850be6b2a2cc3b8834f5d
> > SSL: avoid using OpenSSL config in build directory (ticket #2404).
> > 
> > With this change, the NGX_OPENSSL_NO_CONFIG macro is defined when nginx
> > is asked to build OpenSSL itself.  And with this macro automatic loading
> > of OpenSSL configuration (from the build directory) is prevented unless
> > the OPENSSL_CONF environment variable is explicitly set.
> > 
> > Note that not loading configuration is broken in OpenSSL 1.1.1 and 1.1.1a
> > (fixed in OpenSSL 1.1.1b, see https://github.com/openssl/openssl/issues/7350).
> > If nginx is used to compile these OpenSSL versions, configuring nginx with
> > NGX_OPENSSL_NO_CONFIG explicitly set to 0 might be used as a workaround.
> 
> Not sure how the last paragraph is relevant as the patch doesn't change
> the number of OPENSSL_init_ssl() calls.  Otherwise looks good.

In OpenSSL 1.1.1, OPENSSL_init_ssl(OPENSSL_INIT_NO_LOAD_CONFIG) 
fails, because both OPENSSL_INIT_LOAD_CONFIG and 
OPENSSL_INIT_NO_LOAD_CONFIG are set in the resulting options to 
the OPENSSL_init_crypto() call, and OPENSSL_init_crypto() cannot 
handle this.

This is an obvious issue in the OpenSSL initialization code, yet 
it makes nginx compiled with --with-openssl= with the two 
mentioned OpenSSL versions non-functional after this patch.  Hence 
I've explicitly mentioned how to revert to the previous behaviour 
if compiling with these versions is needed for some reason (e.g., 
I personally use OpenSSL 1.1.1 for testing, as it is the first 
version from the 1.1.1 branch).

> 
> > 
> > diff --git a/auto/lib/openssl/conf b/auto/lib/openssl/conf
> > --- a/auto/lib/openssl/conf
> > +++ b/auto/lib/openssl/conf
> > @@ -8,6 +8,8 @@ if [ $OPENSSL != NONE ]; then
> >     have=NGX_OPENSSL . auto/have
> >     have=NGX_SSL . auto/have
> > 
> > +    have=NGX_OPENSSL_NO_CONFIG . auto/have
> > +
> >     if [ $USE_OPENSSL_QUIC = YES ]; then
> >         have=NGX_QUIC . auto/have
> >         have=NGX_QUIC_OPENSSL_COMPAT . auto/have
> > diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
> > --- a/src/event/ngx_event_openssl.c
> > +++ b/src/event/ngx_event_openssl.c
> > @@ -142,8 +142,19 @@ ngx_ssl_init(ngx_log_t *log)
> > {
> > #if (OPENSSL_INIT_LOAD_CONFIG && !defined LIBRESSL_VERSION_NUMBER)
> > 
> > +    uint64_t                opts;
> >     OPENSSL_INIT_SETTINGS  *init;
> > 
> > +    opts = OPENSSL_INIT_LOAD_CONFIG;
> > +
> > +#if (NGX_OPENSSL_NO_CONFIG)
> > +
> > +    if (getenv("OPENSSL_CONF") == NULL) {
> > +        opts = OPENSSL_INIT_NO_LOAD_CONFIG;
> > +    }
> > +
> > +#endif
> > +
> >     init = OPENSSL_INIT_new();
> >     if (init == NULL) {
> >         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_INIT_new() failed");
> > @@ -158,7 +169,7 @@ ngx_ssl_init(ngx_log_t *log)
> >     }
> > #endif
> > 
> > -    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, init) == 0) {
> > +    if (OPENSSL_init_ssl(opts, init) == 0) {
> >         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_init_ssl() failed");
> >         return NGX_ERROR;
> >     }
> > @@ -174,6 +185,14 @@ ngx_ssl_init(ngx_log_t *log)
> > 
> > #else
> > 
> > +#if (NGX_OPENSSL_NO_CONFIG)
> > +
> > +    if (getenv("OPENSSL_CONF") == NULL) {
> > +        OPENSSL_no_config();
> > +    }
> > +
> > +#endif
> > +
> >     OPENSSL_config("nginx");
> > 
> >     SSL_library_init();

Pushed to http://mdounin.ru/hg/nginx, thanks.

-- 
Maxim Dounin
http://mdounin.ru/

From l.crilly at f5.com  Fri Aug  4 15:48:13 2023
From: l.crilly at f5.com (Liam Crilly)
Date: Fri, 4 Aug 2023 15:48:13 +0000
Subject: [PATCH 1 of 3] CSS as file.
In-Reply-To: <ZMqURlEvA75xlo5K@mdounin.ru>
References: <BY3PR01MB667424E626632E5343465173A502A@BY3PR01MB6674.prod.exchangelabs.com>
 <BY3PR01MB6674D0B67BA5296084AC63A3A502A@BY3PR01MB6674.prod.exchangelabs.com>
 <ZMqURlEvA75xlo5K@mdounin.ru>
Message-ID: <BY3PR01MB66745BED817EFC76B5B621A8A509A@BY3PR01MB6674.prod.exchangelabs.com>

Hi Maxim,

Thanks for your response (to all three changesets). I will follow up on this after the summer vacation season.

Cheers,
Liam.


_____
From: nginx-devel <nginx-devel-bounces at nginx.org> on behalf of Maxim Dounin <mdounin at mdounin.ru>
Sent: 02 August 2023 18:37
To: Liam Crilly via nginx-devel <nginx-devel at nginx.org>
Subject: Re: [PATCH 1 of 3] CSS as file.

EXTERNAL MAIL: nginx-devel-bounces at nginx.org

Hello!

On Mon, Jul 24, 2023 at 02:23:12PM +0000, Liam Crilly via nginx-devel wrote:

> # HG changeset patch
> # User Liam Crilly <liam.crilly at nginx.com>
> # Date 1690207197 -3600
> #      Mon Jul 24 14:59:57 2023 +0100
> # Node ID df1cf98cf8f50eb1770d966aed583d21e481558b
> # Parent  1f672755959a64aec3f0aeceab1dbdc13cb36414
> CSS as file.
>
> Extracts the inline styles from style.xsls into separate files for
> ease of style-development and to take advantage of browser caching.
> Hebrew and Chinese variants are preserved.
>
> Stylesheets are located in a new top-level directory (/css) and are
> compressed during the gzip process.

Thanks, but no.

This change results in 4 distinct static language-specific CSS
files, with no obvious way to keep them in sync.  At the same
time, claimed benefits does not seem to be noticeable, in
particular:

- Surely styles can be developed in any convenient way, and
  results merged into xsls/style.xsls;

- Styles now are about 800 bytes gzipped, and this is hardly
  noticeable neither for small pages like index.html (2.7k gzipped
  original, 1.9k gzipped with patch), nor large pages like
  ngx_http_core_module.html (24k gzipped), and hardly justifies a
  separate request.

Overall, I think that this change will result in more complex
support and the same or worse site performance, and therefore
I'm against this change.

[...]

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx-devel mailing list
nginx-devel at nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel

From pluknet at nginx.com  Mon Aug  7 10:53:14 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Mon, 07 Aug 2023 10:53:14 +0000
Subject: [nginx] SSL: provided "nginx" appname when loading OpenSSL configs.
Message-ID: <hg.85abf534cead.1691405594.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/85abf534cead
branches:  
changeset: 9136:85abf534cead
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Wed Jun 21 01:29:55 2023 +0300
description:
SSL: provided "nginx" appname when loading OpenSSL configs.

Following OpenSSL 0.9.8f, OpenSSL tries to load application-specific
configuration section first, and then falls back to the "openssl_conf"
default section if application-specific section is not found, by using
CONF_modules_load_file(CONF_MFLAGS_DEFAULT_SECTION).  Therefore this
change is not expected to introduce any compatibility issues with existing
configurations.  It does, however, make it easier to configure specific
OpenSSL settings for nginx in system-wide OpenSSL configuration
(ticket #2449).

Instead of checking OPENSSL_VERSION_NUMBER when using the OPENSSL_init_ssl()
interface, the code now tests for OPENSSL_INIT_LOAD_CONFIG to be defined and
true, and also explicitly excludes LibreSSL.  This ensures that this interface
is not used with BoringSSL and LibreSSL, which do not provide additional
library initialization settings, notably the OPENSSL_INIT_set_config_appname()
call.

diffstat:

 src/event/ngx_event_openssl.c |  26 ++++++++++++++++++++++----
 1 files changed, 22 insertions(+), 4 deletions(-)

diffs (47 lines):

diff -r 904c99bede17 -r 85abf534cead src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c	Mon Jul 24 18:04:41 2023 +0300
+++ b/src/event/ngx_event_openssl.c	Wed Jun 21 01:29:55 2023 +0300
@@ -140,13 +140,31 @@ int  ngx_ssl_stapling_index;
 ngx_int_t
 ngx_ssl_init(ngx_log_t *log)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x10100003L
-
-    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL) == 0) {
+#if (OPENSSL_INIT_LOAD_CONFIG && !defined LIBRESSL_VERSION_NUMBER)
+
+    OPENSSL_INIT_SETTINGS  *init;
+
+    init = OPENSSL_INIT_new();
+    if (init == NULL) {
+        ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_INIT_new() failed");
+        return NGX_ERROR;
+    }
+
+#ifndef OPENSSL_NO_STDIO
+    if (OPENSSL_INIT_set_config_appname(init, "nginx") == 0) {
+        ngx_ssl_error(NGX_LOG_ALERT, log, 0,
+                      "OPENSSL_INIT_set_config_appname() failed");
+        return NGX_ERROR;
+    }
+#endif
+
+    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, init) == 0) {
         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_init_ssl() failed");
         return NGX_ERROR;
     }
 
+    OPENSSL_INIT_free(init);
+
     /*
      * OPENSSL_init_ssl() may leave errors in the error queue
      * while returning success
@@ -156,7 +174,7 @@ ngx_ssl_init(ngx_log_t *log)
 
 #else
 
-    OPENSSL_config(NULL);
+    OPENSSL_config("nginx");
 
     SSL_library_init();
     SSL_load_error_strings();

From pluknet at nginx.com  Mon Aug  7 10:53:17 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Mon, 07 Aug 2023 10:53:17 +0000
Subject: [nginx] SSL: avoid using OpenSSL config in build directory (ticket
 #2404).
Message-ID: <hg.0ba26c99b3a1.1691405597.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/0ba26c99b3a1
branches:  
changeset: 9137:0ba26c99b3a1
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Wed Jun 21 01:29:53 2023 +0300
description:
SSL: avoid using OpenSSL config in build directory (ticket #2404).

With this change, the NGX_OPENSSL_NO_CONFIG macro is defined when nginx
is asked to build OpenSSL itself.  And with this macro automatic loading
of OpenSSL configuration (from the build directory) is prevented unless
the OPENSSL_CONF environment variable is explicitly set.

Note that not loading configuration is broken in OpenSSL 1.1.1 and 1.1.1a
(fixed in OpenSSL 1.1.1b, see https://github.com/openssl/openssl/issues/7350).
If nginx is used to compile these OpenSSL versions, configuring nginx with
NGX_OPENSSL_NO_CONFIG explicitly set to 0 might be used as a workaround.

diffstat:

 auto/lib/openssl/conf         |   2 ++
 src/event/ngx_event_openssl.c |  21 ++++++++++++++++++++-
 2 files changed, 22 insertions(+), 1 deletions(-)

diffs (59 lines):

diff -r 85abf534cead -r 0ba26c99b3a1 auto/lib/openssl/conf
--- a/auto/lib/openssl/conf	Wed Jun 21 01:29:55 2023 +0300
+++ b/auto/lib/openssl/conf	Wed Jun 21 01:29:53 2023 +0300
@@ -8,6 +8,8 @@ if [ $OPENSSL != NONE ]; then
     have=NGX_OPENSSL . auto/have
     have=NGX_SSL . auto/have
 
+    have=NGX_OPENSSL_NO_CONFIG . auto/have
+
     if [ $USE_OPENSSL_QUIC = YES ]; then
         have=NGX_QUIC . auto/have
         have=NGX_QUIC_OPENSSL_COMPAT . auto/have
diff -r 85abf534cead -r 0ba26c99b3a1 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c	Wed Jun 21 01:29:55 2023 +0300
+++ b/src/event/ngx_event_openssl.c	Wed Jun 21 01:29:53 2023 +0300
@@ -142,8 +142,19 @@ ngx_ssl_init(ngx_log_t *log)
 {
 #if (OPENSSL_INIT_LOAD_CONFIG && !defined LIBRESSL_VERSION_NUMBER)
 
+    uint64_t                opts;
     OPENSSL_INIT_SETTINGS  *init;
 
+    opts = OPENSSL_INIT_LOAD_CONFIG;
+
+#if (NGX_OPENSSL_NO_CONFIG)
+
+    if (getenv("OPENSSL_CONF") == NULL) {
+        opts = OPENSSL_INIT_NO_LOAD_CONFIG;
+    }
+
+#endif
+
     init = OPENSSL_INIT_new();
     if (init == NULL) {
         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_INIT_new() failed");
@@ -158,7 +169,7 @@ ngx_ssl_init(ngx_log_t *log)
     }
 #endif
 
-    if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, init) == 0) {
+    if (OPENSSL_init_ssl(opts, init) == 0) {
         ngx_ssl_error(NGX_LOG_ALERT, log, 0, "OPENSSL_init_ssl() failed");
         return NGX_ERROR;
     }
@@ -174,6 +185,14 @@ ngx_ssl_init(ngx_log_t *log)
 
 #else
 
+#if (NGX_OPENSSL_NO_CONFIG)
+
+    if (getenv("OPENSSL_CONF") == NULL) {
+        OPENSSL_no_config();
+    }
+
+#endif
+
     OPENSSL_config("nginx");
 
     SSL_library_init();

From pluknet at nginx.com  Tue Aug  8 09:49:46 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Tue, 8 Aug 2023 13:49:46 +0400
Subject: [PATCH 4 of 4] QUIC: path MTU discovery
In-Reply-To: <20230731173420.v7dq7bktey2ox4s2@N00W24XTQX>
References: <patchbomb.1688651833@arut-laptop>
 <1a49fd5d2013b6c8d502.1688651837@arut-laptop>
 <E772A710-B4FC-4A53-8489-DEC5586B29E7@nginx.com>
 <20230731173420.v7dq7bktey2ox4s2@N00W24XTQX>
Message-ID: <7AACA0BF-BDEA-4546-9673-27D57340EC1E@nginx.com>


> On 31 Jul 2023, at 21:34, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> Hi,
> 
> On Fri, Jul 28, 2023 at 07:51:22PM +0400, Sergey Kandaurov wrote:
>> 
>>> On 6 Jul 2023, at 17:57, Roman Arutyunyan <arut at nginx.com> wrote:
>>> 
>>> # HG changeset patch
>>> # User Roman Arutyunyan <arut at nginx.com>
>>> # Date 1688481216 -14400
>>> #      Tue Jul 04 18:33:36 2023 +0400
>>> # Node ID 1a49fd5d2013b6c8d50263499e6ced440927e949
>>> # Parent  a1ea543d009311765144351b2557c00c8e6445bf
>>> QUIC: path MTU discovery.
>>> 
>>> MTU selection starts by stepping up until the first failure.  Then binary
>>> search is used to find the path MTU.
>>> 
>>> diff --git a/src/core/ngx_connection.c b/src/core/ngx_connection.c
>>> --- a/src/core/ngx_connection.c
>>> +++ b/src/core/ngx_connection.c
>>> @@ -1583,6 +1583,10 @@ ngx_connection_error(ngx_connection_t *c
>>>    }
>>> #endif
>>> 
>>> +    if (err == NGX_EMSGSIZE && c->log_error == NGX_ERROR_IGNORE_EMSGSIZE) {
>>> +        return 0;
>>> +    }
>>> +
>>>    if (err == 0
>>>        || err == NGX_ECONNRESET
>>> #if (NGX_WIN32)
>>> @@ -1600,6 +1604,7 @@ ngx_connection_error(ngx_connection_t *c
>>>    {
>>>        switch (c->log_error) {
>>> 
>>> +        case NGX_ERROR_IGNORE_EMSGSIZE:
>>>        case NGX_ERROR_IGNORE_EINVAL:
>>>        case NGX_ERROR_IGNORE_ECONNRESET:
>>>        case NGX_ERROR_INFO:
>>> diff --git a/src/core/ngx_connection.h b/src/core/ngx_connection.h
>>> --- a/src/core/ngx_connection.h
>>> +++ b/src/core/ngx_connection.h
>>> @@ -97,7 +97,8 @@ typedef enum {
>>>    NGX_ERROR_ERR,
>>>    NGX_ERROR_INFO,
>>>    NGX_ERROR_IGNORE_ECONNRESET,
>>> -    NGX_ERROR_IGNORE_EINVAL
>>> +    NGX_ERROR_IGNORE_EINVAL,
>>> +    NGX_ERROR_IGNORE_EMSGSIZE
>>> } ngx_connection_log_error_e;
>>> 
>>> 
>>> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
>>> --- a/src/event/quic/ngx_event_quic.c
>>> +++ b/src/event/quic/ngx_event_quic.c
>>> @@ -149,11 +149,6 @@ ngx_quic_apply_transport_params(ngx_conn
>>>        ngx_log_error(NGX_LOG_INFO, c->log, 0,
>>>                      "quic maximum packet size is invalid");
>>>        return NGX_ERROR;
>>> -
>>> -    } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) {
>>> -        ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
>>> -        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>> -                       "quic client maximum packet size truncated");
>>>    }
>>> 
>>>    if (ctp->active_connection_id_limit < 2) {
>>> @@ -286,7 +281,7 @@ ngx_quic_new_connection(ngx_connection_t
>>> 
>>>    qc->path_validation.log = c->log;
>>>    qc->path_validation.data = c;
>>> -    qc->path_validation.handler = ngx_quic_path_validation_handler;
>>> +    qc->path_validation.handler = ngx_quic_path_handler;
>>> 
>>>    qc->conf = conf;
>>> 
>>> @@ -297,7 +292,7 @@ ngx_quic_new_connection(ngx_connection_t
>>>    ctp = &qc->ctp;
>>> 
>>>    /* defaults to be used before actual client parameters are received */
>>> -    ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
>>> +    ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE;
>>>    ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT;
>>>    ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY;
>>>    ctp->active_connection_id_limit = 2;
>>> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
>>> --- a/src/event/quic/ngx_event_quic_ack.c
>>> +++ b/src/event/quic/ngx_event_quic_ack.c
>>> @@ -229,6 +229,12 @@ ngx_quic_handle_ack_frame_range(ngx_conn
>>> 
>>>    qc = ngx_quic_get_connection(c);
>>> 
>>> +    if (ctx->level == ssl_encryption_application) {
>>> +        if (ngx_quic_handle_path_mtu_ack(c, qc->path, min, max) != NGX_OK) {
>>> +            return NGX_ERROR;
>>> +        }
>>> +    }
>>> +
>>>    st->max_pn = NGX_TIMER_INFINITE;
>>>    found = 0;
>>> 
>>> diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
>>> --- a/src/event/quic/ngx_event_quic_connection.h
>>> +++ b/src/event/quic/ngx_event_quic_connection.h
>>> @@ -66,6 +66,14 @@ typedef struct ngx_quic_keys_s        ng
>>> #define ngx_quic_get_socket(c)               ((ngx_quic_socket_t *)((c)->udp))
>>> 
>>> 
>>> +typedef enum {
>>> +    NGX_QUIC_PATH_IDLE = 0,
>>> +    NGX_QUIC_PATH_VALIDATING,
>>> +    NGX_QUIC_PATH_WAITING,
>>> +    NGX_QUIC_PATH_DISCOVERING_MTU
>> 
>> Nitpicking on too long name.
>> What about NGX_QUIC_PATH_MTUD or something.
> 
> OK, renamed.
> 
>>> +} ngx_quic_path_state_e;
>>> +
>>> +
>>> struct ngx_quic_client_id_s {
>>>    ngx_queue_t                       queue;
>>>    uint64_t                          seqnum;
>>> @@ -89,18 +97,22 @@ struct ngx_quic_path_s {
>>>    ngx_sockaddr_t                    sa;
>>>    socklen_t                         socklen;
>>>    ngx_quic_client_id_t             *cid;
>>> +    ngx_quic_path_state_e             state;
>>>    ngx_msec_t                        expires;
>>>    ngx_uint_t                        tries;
>>>    ngx_uint_t                        tag;
>>> +    size_t                            mtu;
>>> +    size_t                            mtud;
>>> +    size_t                            max_mtu;
>>>    off_t                             sent;
>>>    off_t                             received;
>>>    u_char                            challenge1[8];
>>>    u_char                            challenge2[8];
>>>    uint64_t                          seqnum;
>>> +    uint64_t                          mtu_pnum[NGX_QUIC_PATH_RETRIES];
>>>    ngx_str_t                         addr_text;
>>>    u_char                            text[NGX_SOCKADDR_STRLEN];
>>> -    unsigned                          validated:1;
>>> -    unsigned                          validating:1;
>>> +    ngx_uint_t                        validated; /* unsigned validated:1; */
>>> };
>>> 
>>> 
>>> diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
>>> --- a/src/event/quic/ngx_event_quic_migration.c
>>> +++ b/src/event/quic/ngx_event_quic_migration.c
>>> @@ -10,6 +10,11 @@
>>> #include <ngx_event_quic_connection.h>
>>> 
>>> 
>>> +#define NGX_QUIC_PATH_MTU_DELAY       1000
>> 
>> The value looks too much,
>> it would delay each subsequent probe (which is not retry).
> 
> Probably the right value should be determined in real-life scenarios.

I'm quite skeptical about delayed probes, it has little to no benefit
for short connections with bulky transfers, as implemented, especially
with short MTU steps.  OTOH, immediate probes can lead to congestion
window starvation resulting in request processing slow down.

For the record,
https://www.ietf.org/proceedings/62/pmtud.html provides a discussion
about PMTUD, in particular, on search strategy and when to probe.
For the latter, it seems to articulate an opposite view, i.e. to send
probes ASAP.  Also, it raises a question how short lived connections
could benefit from PMTUD, e.g. by caching path MTU, which seems to
correspond to a shared PLPMTU state in RFC 8899.

> Let's decrease the value by a factor of 10 for now.

For a simple implementation, 100ms is a good enough trade-off, IMHO.

> 
>>> +#define NGX_QUIC_PATH_MTU_STEP        256
>>> +#define NGX_QUIC_PATH_MTU_PRECISION   16
>>> +
>>> +
>>> static void ngx_quic_set_connection_path(ngx_connection_t *c,
>>>    ngx_quic_path_t *path);
>>> static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
>>> @@ -17,7 +22,15 @@ static ngx_int_t ngx_quic_validate_path(
>>> static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
>>>    ngx_quic_path_t *path);
>>> static void ngx_quic_set_path_timer(ngx_connection_t *c);
>>> +static ngx_int_t ngx_quic_expire_path_validation(ngx_connection_t *c,
>>> +    ngx_quic_path_t *path);
>>> +static ngx_int_t ngx_quic_expire_path_mtu_delay(ngx_connection_t *c,
>>> +    ngx_quic_path_t *path);
>>> +static ngx_int_t ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c,
>>> +    ngx_quic_path_t *path);
>>> static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag);
>>> +static ngx_int_t ngx_quic_send_path_mtu_probe(ngx_connection_t *c,
>>> +    ngx_quic_path_t *path);
>>> 
>>> 
>>> ngx_int_t
>>> @@ -97,7 +110,7 @@ ngx_quic_handle_path_response_frame(ngx_
>>>    {
>>>        path = ngx_queue_data(q, ngx_quic_path_t, queue);
>>> 
>>> -        if (!path->validating) {
>>> +        if (path->state != NGX_QUIC_PATH_VALIDATING) {
>>>            continue;
>>>        }
>>> 
>>> @@ -136,6 +149,9 @@ valid:
>>>        {
>>>            /* address did not change */
>>>            rst = 0;
>>> +
>>> +            path->mtu = prev->mtu;
>>> +            path->max_mtu = prev->max_mtu;
>>>        }
>>>    }
>>> 
>>> @@ -167,9 +183,8 @@ valid:
>>>    ngx_quic_path_dbg(c, "is validated", path);
>>> 
>>>    path->validated = 1;
>>> -    path->validating = 0;
>>> 
>>> -    ngx_quic_set_path_timer(c);
>>> +    ngx_quic_discover_path_mtu(c, path);
>>> 
>>>    return NGX_OK;
>>> }
>>> @@ -217,6 +232,8 @@ ngx_quic_new_path(ngx_connection_t *c,
>>>    path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
>>>                                        NGX_SOCKADDR_STRLEN, 1);
>>> 
>>> +    path->mtu = NGX_QUIC_MIN_INITIAL_SIZE;
>>> +
>>>    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>                   "quic path seq:%uL created addr:%V",
>>>                   path->seqnum, &path->addr_text);
>>> @@ -464,7 +481,7 @@ ngx_quic_handle_migration(ngx_connection
>>> 
>>>    ngx_quic_set_connection_path(c, next);
>>> 
>>> -    if (!next->validated && !next->validating) {
>>> +    if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) {
>>>        if (ngx_quic_validate_path(c, next) != NGX_OK) {
>>>            return NGX_ERROR;
>>>        }
>>> @@ -492,7 +509,6 @@ ngx_quic_validate_path(ngx_connection_t 
>>>    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>                   "quic initiated validation of path seq:%uL", path->seqnum);
>>> 
>>> -    path->validating = 1;
>>>    path->tries = 0;
>>> 
>>>    if (RAND_bytes(path->challenge1, 8) != 1) {
>>> @@ -511,6 +527,7 @@ ngx_quic_validate_path(ngx_connection_t 
>>>    pto = ngx_max(ngx_quic_pto(c, ctx), 1000);
>>> 
>>>    path->expires = ngx_current_msec + pto;
>>> +    path->state = NGX_QUIC_PATH_VALIDATING;
>>> 
>>>    ngx_quic_set_path_timer(c);
>>> 
>>> @@ -558,6 +575,42 @@ ngx_quic_send_path_challenge(ngx_connect
>>> }
>>> 
>>> 
>>> +void
>>> +ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path)
>>> +{
>>> +    ngx_quic_connection_t  *qc;
>>> +
>>> +    qc = ngx_quic_get_connection(c);
>>> +
>>> +    if (path->max_mtu) {
>>> +        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
>>> +            path->state = NGX_QUIC_PATH_IDLE;
>>> +            ngx_quic_set_path_timer(c);
>>> +            return;
>>> +        }
>>> +
>>> +        path->mtud = (path->mtu + path->max_mtu) / 2;
>>> +
>>> +    } else {
>>> +        path->mtud = path->mtu + NGX_QUIC_PATH_MTU_STEP;
>> 
>> I like this approach, compared to multiplying probe steps.
>> This better fits to the pattern to keep around a well-known
>> initial value, which is typically 1500 bytes.
>> Another one could be to let user specify its own initial
>> value for cases when he knows well its network environment.
>> 
>>> +
>>> +        if (path->mtud >= qc->ctp.max_udp_payload_size) {
>>> +            path->mtud = qc->ctp.max_udp_payload_size;
>>> +            path->max_mtu = qc->ctp.max_udp_payload_size;
>>> +        }
>>> +    }
>>> +
>>> +    path->state = NGX_QUIC_PATH_WAITING;
>>> +    path->expires = ngx_current_msec + NGX_QUIC_PATH_MTU_DELAY;
>>> +
>>> +    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>> +                   "quic path seq:%uL schedule mtu:%uz",
>>> +                   path->seqnum, path->mtud);
>>> +
>>> +    ngx_quic_set_path_timer(c);
>>> +}
>>> +
>>> +
>>> static void
>>> ngx_quic_set_path_timer(ngx_connection_t *c)
>>> {
>>> @@ -578,7 +631,7 @@ ngx_quic_set_path_timer(ngx_connection_t
>>>    {
>>>        path = ngx_queue_data(q, ngx_quic_path_t, queue);
>>> 
>>> -        if (!path->validating) {
>>> +        if (path->state == NGX_QUIC_PATH_IDLE) {
>>>            continue;
>>>        }
>>> 
>>> @@ -600,22 +653,18 @@ ngx_quic_set_path_timer(ngx_connection_t
>>> 
>>> 
>>> void
>>> -ngx_quic_path_validation_handler(ngx_event_t *ev)
>>> +ngx_quic_path_handler(ngx_event_t *ev)
>>> {
>>>    ngx_msec_t              now;
>>>    ngx_queue_t            *q;
>>> -    ngx_msec_int_t          left, next, pto;
>>> -    ngx_quic_path_t        *path, *bkp;
>>> +    ngx_msec_int_t          left;
>>> +    ngx_quic_path_t        *path;
>>>    ngx_connection_t       *c;
>>> -    ngx_quic_send_ctx_t    *ctx;
>>>    ngx_quic_connection_t  *qc;
>>> 
>>>    c = ev->data;
>>>    qc = ngx_quic_get_connection(c);
>>> 
>>> -    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>> -
>>> -    next = -1;
>>>    now = ngx_current_msec;
>>> 
>>>    q = ngx_queue_head(&qc->paths);
>>> @@ -625,83 +674,274 @@ ngx_quic_path_validation_handler(ngx_eve
>>>        path = ngx_queue_data(q, ngx_quic_path_t, queue);
>>>        q = ngx_queue_next(q);
>>> 
>>> -        if (!path->validating) {
>>> +        if (path->state == NGX_QUIC_PATH_IDLE) {
>>>            continue;
>>>        }
>>> 
>>>        left = path->expires - now;
>>> 
>>>        if (left > 0) {
>>> -
>>> -            if (next == -1 || left < next) {
>>> -                next = left;
>>> -            }
>>> -
>>> -            continue;
>>> -        }
>>> -
>>> -        if (++path->tries < NGX_QUIC_PATH_RETRIES) {
>>> -            pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
>>> -
>>> -            path->expires = ngx_current_msec + pto;
>>> -
>>> -            if (next == -1 || pto < next) {
>>> -                next = pto;
>>> -            }
>>> -
>>> -            /* retransmit */
>>> -            (void) ngx_quic_send_path_challenge(c, path);
>>> -
>>>            continue;
>>>        }
>>> 
>>> -        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
>>> -                       "quic path seq:%uL validation failed", path->seqnum);
>>> +        switch (path->state) {
>>> +        case NGX_QUIC_PATH_VALIDATING:
>>> +             if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
>>> +                goto failed;
>>> +            }
>>> +
>>> +            break;
>>> +
>>> +        case NGX_QUIC_PATH_WAITING:
>>> +            if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
>>> +                goto failed;
>>> +            }
>>> +
>>> +            break;
>>> +
>>> +        case NGX_QUIC_PATH_DISCOVERING_MTU:
>>> +            if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
>>> +                goto failed;
>>> +             }
>>> +
>>> +            break;
>>> +
>> 
>> indentation in several places here
> 
> Fixed, thanks.
> 
>>> +        default:
>>> +            break;
>>> +         }
>>> +     }
>>> +
>>> +    ngx_quic_set_path_timer(c);
>>> +
>>> +    return;
>>> 
>>> -        /* found expired path */
>>> +failed:
>>> +
>>> +    ngx_quic_close_connection(c, NGX_ERROR);
>>> +}
>>> +
>>> +
>>> +static ngx_int_t
>>> +ngx_quic_expire_path_validation(ngx_connection_t *c, ngx_quic_path_t *path)
>>> +{
>>> +    ngx_msec_int_t          pto;
>>> +    ngx_quic_path_t        *bkp;
>>> +    ngx_quic_send_ctx_t    *ctx;
>>> +    ngx_quic_connection_t  *qc;
>>> 
>>> -        path->validated = 0;
>>> -        path->validating = 0;
>>> +    qc = ngx_quic_get_connection(c);
>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>> +
>>> +    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
>>> +        pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
>>> +        path->expires = ngx_current_msec + pto;
>>> +
>>> +        (void) ngx_quic_send_path_challenge(c, path);
>>> +
>>> +        return NGX_OK;
>>> +    }
>>> +
>>> +    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>> +                   "quic path seq:%uL validation failed", path->seqnum);
>>> +
>>> +    /* found expired path */
>>> +
>>> +    path->validated = 0;
>>> 
>>> 
>>> -        /* RFC 9000, 9.3.2.  On-Path Address Spoofing
>>> -         *
>>> -         * To protect the connection from failing due to such a spurious
>>> -         * migration, an endpoint MUST revert to using the last validated
>>> -         * peer address when validation of a new peer address fails.
>>> -         */
>>> -
>>> -        if (qc->path == path) {
>>> -            /* active path validation failed */
>>> -
>>> -            bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
>>> +    /* RFC 9000, 9.3.2.  On-Path Address Spoofing
>>> +     *
>>> +     * To protect the connection from failing due to such a spurious
>>> +     * migration, an endpoint MUST revert to using the last validated
>>> +     * peer address when validation of a new peer address fails.
>>> +     */
>>> 
>>> -            if (bkp == NULL) {
>>> -                qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
>>> -                qc->error_reason = "no viable path";
>>> -                ngx_quic_close_connection(c, NGX_ERROR);
>>> -                return;
>>> -            }
>>> +    if (qc->path == path) {
>>> +        /* active path validation failed */
>>> +
>>> +        bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
>>> 
>>> -            qc->path = bkp;
>>> -            qc->path->tag = NGX_QUIC_PATH_ACTIVE;
>>> -
>>> -            ngx_quic_set_connection_path(c, qc->path);
>>> -
>>> -            ngx_log_error(NGX_LOG_INFO, c->log, 0,
>>> -                          "quic path seq:%uL addr:%V is restored from backup",
>>> -                          qc->path->seqnum, &qc->path->addr_text);
>>> -
>>> -            ngx_quic_path_dbg(c, "is active", qc->path);
>>> +        if (bkp == NULL) {
>>> +            qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
>>> +            qc->error_reason = "no viable path";
>>> +            return NGX_ERROR;
>>>        }
>>> 
>>> -        if (ngx_quic_free_path(c, path) != NGX_OK) {
>>> -            ngx_quic_close_connection(c, NGX_ERROR);
>>> -            return;
>>> +        qc->path = bkp;
>>> +        qc->path->tag = NGX_QUIC_PATH_ACTIVE;
>>> +
>>> +        ngx_quic_set_connection_path(c, qc->path);
>>> +
>>> +        ngx_log_error(NGX_LOG_INFO, c->log, 0,
>>> +                      "quic path seq:%uL addr:%V is restored from backup",
>>> +                      qc->path->seqnum, &qc->path->addr_text);
>>> +
>>> +        ngx_quic_path_dbg(c, "is active", qc->path);
>>> +    }
>>> +
>>> +    return ngx_quic_free_path(c, path);
>>> +}
>>> +
>>> +
>>> +static ngx_int_t
>>> +ngx_quic_expire_path_mtu_delay(ngx_connection_t *c, ngx_quic_path_t *path)
>>> +{
>>> +    ngx_int_t               rc;
>>> +    ngx_uint_t              i;
>>> +    ngx_msec_t              pto;
>>> +    ngx_quic_send_ctx_t    *ctx;
>>> +    ngx_quic_connection_t  *qc;
>>> +
>>> +    qc = ngx_quic_get_connection(c);
>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>> +
>>> +    path->tries = 0;
>>> +
>>> +    for ( ;; ) {
>>> +
>>> +        for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
>>> +            path->mtu_pnum[i] = NGX_QUIC_UNSET_PN;
>>> +        }
>>> +
>>> +        rc = ngx_quic_send_path_mtu_probe(c, path);
>>> +
>>> +        if (rc == NGX_ERROR) {
>>> +            return NGX_ERROR;
>>> +        }
>>> +
>>> +        if (rc == NGX_OK) {
>>> +            pto = ngx_quic_pto(c, ctx);
>>> +            path->expires = ngx_current_msec + pto;
>>> +            path->state = NGX_QUIC_PATH_DISCOVERING_MTU;
>>> +            return NGX_OK;
>>> +        }
>>> +
>>> +        /* rc == NGX_DECLINED */
>>> +
>>> +        path->max_mtu = path->mtud;
>>> +
>>> +        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
>>> +            path->state = NGX_QUIC_PATH_IDLE;
>>> +            return NGX_OK;
>>> +        }
>>> +
>>> +        path->mtud = (path->mtu + path->max_mtu) / 2;
>>> +    }
>>> +}
>>> +
>>> +
>>> +static ngx_int_t
>>> +ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c, ngx_quic_path_t *path)
>>> +{
>>> +    ngx_int_t               rc;
>>> +    ngx_msec_int_t          pto;
>>> +    ngx_quic_send_ctx_t    *ctx;
>>> +    ngx_quic_connection_t  *qc;
>>> +
>>> +    qc = ngx_quic_get_connection(c);
>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>> +
>>> +    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
>>> +        pto = ngx_quic_pto(c, ctx) << path->tries;
>>> +        path->expires = ngx_current_msec + pto;
>>> +
>> 
>> Setting path->expires there seems useless.
>> It don't seem to be used in ngx_quic_send_path_mtu_probe(),
>> and ngx_quic_discover_path_mtu() used to reset path->expires.
> 
> If ngx_quic_send_path_mtu_probe() below returns NGX_OK, the path should stay
> in the same state, but expiration time should be advanced.  To make it
> more obvious, I changed this code.

Updated code makes it clear, thanks.

> 
>>> +        rc = ngx_quic_send_path_mtu_probe(c, path);
>>> +        if (rc != NGX_DECLINED) {
>>> +            return rc;
>>>        }
>>>    }
>>> 
>>> -    if (next != -1) {
>>> -        ngx_add_timer(&qc->path_validation, next);
>>> +    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>> +                   "quic path seq:%uL expired mtu:%uz",
>>> +                   path->seqnum, path->mtud);
>>> +
>>> +    path->max_mtu = path->mtud;
>>> +
>>> +    ngx_quic_discover_path_mtu(c, path);
>>> +
>>> +    return NGX_OK;
>>> +}
>>> +
>>> +
>>> +static ngx_int_t
>>> +ngx_quic_send_path_mtu_probe(ngx_connection_t *c, ngx_quic_path_t *path)
>>> +{
>>> +    ngx_int_t               rc;
>>> +    ngx_uint_t              log_error;
>>> +    ngx_quic_frame_t        frame;
>>> +    ngx_quic_send_ctx_t    *ctx;
>>> +    ngx_quic_connection_t  *qc;
>>> +
>>> +    ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
>>> +
>>> +    frame.level = ssl_encryption_application;
>>> +    frame.type = NGX_QUIC_FT_PING;
>>> +
>>> +    qc = ngx_quic_get_connection(c);
>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>> +    path->mtu_pnum[path->tries] = ctx->pnum;
>>> +
>>> +    ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>> +                   "quic path seq:%uL send probe "
>>> +                   "mtu:%uz pnum:%uL tries:%ui",
>>> +                   path->seqnum, path->mtud, ctx->pnum, path->tries);
>>> +
>>> +    log_error = c->log_error;
>>> +    c->log_error = NGX_ERROR_IGNORE_EMSGSIZE;
>>> +
>>> +    rc = ngx_quic_frame_sendto(c, &frame, path->mtud, path);
>>> +    c->log_error = log_error;
>>> +
>>> +    if (rc == NGX_ERROR) {
>>> +        if (c->write->error) {
>>> +            c->write->error = 0;
>>> +
>>> +            ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>> +                           "quic path seq:%uL rejected mtu:%uz",
>>> +                           path->seqnum, path->mtud);
>>> +
>>> +            return NGX_DECLINED;
>> 
>> The error handling looks awkward to decline on write error.
>> ngx_sendmsg() sets write error on fatal sendmsg errors,
>> and keeps it unset NGX_EAGAIN and NGX_EINTR, which
>> are typically non-fatal transient errors.
>> I understand this is done mostly to ignore EMSGSIZE,
>> maybe it makes sense to ignore the rest sendmsg() errors.
> 
> The problem is, the error doesn't make it to this point.  All be have here is
> NGX_ERROR and c->write->error.  I think, for PMTUD purposes we can safely
> ignore the errors.  It's hinghly likely, the error will repeat while doing
> connection I/O and we'll shortly close the connection.

Ok, I re-read ngx_sendmsg() to clarify the following:
- NGX_EINTR is handled internally and never returned up to here;
- NGX_EAGAIN (NGX_AGAIN) seems to be returned, at least on Linux,
  when send buffer is low for the MTU probe, converted to NGX_OK;
- FTR, looking at sosend_dgram() on FreeBSD, sendmsg seems to
  return EMSGSIZE there, instead, on low socket buffer space;
- other sendmsg errors are returned as NGX_ERROR, and
  c->write->error is set; this is converted to NGX_DECLINED;
- non-sendmsg NGX_ERRORs appeared in ngx_quic_frame_sendto()
  are passed as is without conversion.

So, the error handling as implemented to decline on any sendmsg
"fatal" errors actually makes sense, if we'd like to avoid rewriting
ngx_sendmsg() to further distinguish sendmsg errors, notably EMSGSIZE.
The downside is that connection may ignore actually fatal errors,
though the error will likely repeat on sending non-probing frames.

NGX_AGAIN conversion to NGX_OK is questionable, because this
makes a probe considered successfully sent while it is not.
I wonder though what we can do about that other than to simply
ignore, similar to other ngx_quic_frame_sendto() callers,
because next time on a probe retry sendmsg can return success.

> 
>>> +        }
>>> +
>>> +        return NGX_ERROR;
>>>    }
>>> +
>>> +    return NGX_OK;
>>> }
>>> +
>>> +
>>> +ngx_int_t
>>> +ngx_quic_handle_path_mtu_ack(ngx_connection_t *c, ngx_quic_path_t *path,
>>> +    uint64_t min, uint64_t max)
>>> +{
>>> +    uint64_t    pnum;
>>> +    ngx_uint_t  i;
>>> +
>>> +    if (path->state != NGX_QUIC_PATH_DISCOVERING_MTU) {
>>> +        return NGX_OK;
>>> +    }
>>> +
>>> +    for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
>>> +        pnum = path->mtu_pnum[i];
>>> +
>>> +        if (pnum == NGX_QUIC_UNSET_PN) {
>>> +            break;
>>> +        }
>>> +
>>> +        if (pnum < min || pnum > max) {
>>> +            continue;
>>> +        }
>>> +
>>> +        path->mtu = path->mtud;
>>> +
>>> +        ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>> +                       "quic path seq:%uL ack mtu:%uz",
>>> +                       path->seqnum, path->mtu);
>>> +
>>> +        ngx_quic_discover_path_mtu(c, path);
>>> +
>>> +        break;
>> 
>> What if two probes appeared ACKed in one range.
>> Though that seems to be safe to break there, as two
>> probes barely have different probe sizes, rather retries.
> 
> No matter how many probes are acked, the next step is still the same.
> So there's no reason to find all of them.
> 

Ok, let's leave it as is.

>>> +    }
>>> +
>>> +    return NGX_OK;
>>> +}
>>> diff --git a/src/event/quic/ngx_event_quic_migration.h b/src/event/quic/ngx_event_quic_migration.h
>>> --- a/src/event/quic/ngx_event_quic_migration.h
>>> +++ b/src/event/quic/ngx_event_quic_migration.h
>>> @@ -18,10 +18,10 @@
>>> #define NGX_QUIC_PATH_BACKUP    2
>>> 
>>> #define ngx_quic_path_dbg(c, msg, path)                                       \
>>> -    ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
>>> -                   "quic path seq:%uL %s sent:%O recvd:%O state:%s%s",        \
>>> +    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
>>> +                   "quic path seq:%uL %s tx:%O rx:%O valid:%d st:%d mtu:%uz", \
>>>                   path->seqnum, msg, path->sent, path->received,             \
>>> -                   path->validated ? "V": "N", path->validating ? "R": "");
>>> +                   path->validated, path->state, path->mtu);
>>> 
>>> ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
>>>    ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f);
>>> @@ -36,6 +36,10 @@ ngx_int_t ngx_quic_set_path(ngx_connecti
>>> ngx_int_t ngx_quic_handle_migration(ngx_connection_t *c,
>>>    ngx_quic_header_t *pkt);
>>> 
>>> -void ngx_quic_path_validation_handler(ngx_event_t *ev);
>>> +void ngx_quic_path_handler(ngx_event_t *ev);
>>> +
>>> +void ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path);
>>> +ngx_int_t ngx_quic_handle_path_mtu_ack(ngx_connection_t *c,
>>> +    ngx_quic_path_t *path, uint64_t min, uint64_t max);
>> 
>> Nitpicking:
>> maybe just ngx_quic_handle_path_mtu() ?
>> This would match ngx_quic_discover_path_mtu() naming.
> 
> OK, renamed.
> 
>>> 
>>> #endif /* _NGX_EVENT_QUIC_MIGRATION_H_INCLUDED_ */
>>> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
>>> --- a/src/event/quic/ngx_event_quic_output.c
>>> +++ b/src/event/quic/ngx_event_quic_output.c
>>> @@ -10,9 +10,6 @@
>>> #include <ngx_event_quic_connection.h>
>>> 
>>> 
>>> -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT   1252
>>> -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT6  1232
>>> -
>>> #define NGX_QUIC_MAX_UDP_SEGMENT_BUF  65487 /* 65K - IPv6 header */
>>> #define NGX_QUIC_MAX_SEGMENTS            64 /* UDP_MAX_SEGMENTS */
>>> 
>>> @@ -61,21 +58,6 @@ static size_t ngx_quic_path_limit(ngx_co
>>>    size_t size);
>>> 
>>> 
>>> -size_t
>>> -ngx_quic_max_udp_payload(ngx_connection_t *c)
>>> -{
>>> -    /* TODO: path MTU discovery */
>>> -
>>> -#if (NGX_HAVE_INET6)
>>> -    if (c->sockaddr->sa_family == AF_INET6) {
>>> -        return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6;
>>> -    }
>>> -#endif
>>> -
>>> -    return NGX_QUIC_MAX_UDP_PAYLOAD_OUT;
>>> -}
>>> -
>>> -
>>> ngx_int_t
>>> ngx_quic_output(ngx_connection_t *c)
>>> {
>>> @@ -142,10 +124,7 @@ ngx_quic_create_datagrams(ngx_connection
>>> 
>>>        p = dst;
>>> 
>>> -        len = ngx_min(qc->ctp.max_udp_payload_size,
>>> -                      NGX_QUIC_MAX_UDP_PAYLOAD_SIZE);
>>> -
>>> -        len = ngx_quic_path_limit(c, path, len);
>>> +        len = ngx_quic_path_limit(c, path, path->mtu);
>>> 
>>>        pad = ngx_quic_get_padding_level(c);
>>> 
>>> @@ -299,9 +278,7 @@ ngx_quic_allow_segmentation(ngx_connecti
>>>    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>> 
>>>    bytes = 0;
>>> -
>>> -    len = ngx_min(qc->ctp.max_udp_payload_size,
>>> -                  NGX_QUIC_MAX_UDP_SEGMENT_BUF);
>>> +    len = ngx_min(qc->path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
>>> 
>>>    for (q = ngx_queue_head(&ctx->frames);
>>>         q != ngx_queue_sentinel(&ctx->frames);
>>> @@ -345,8 +322,7 @@ ngx_quic_create_segments(ngx_connection_
>>>        return NGX_ERROR;
>>>    }
>>> 
>>> -    segsize = ngx_min(qc->ctp.max_udp_payload_size,
>>> -                      NGX_QUIC_MAX_UDP_SEGMENT_BUF);
>>> +    segsize = ngx_min(path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
>>>    p = dst;
>>>    end = dst + sizeof(dst);
>>> 
>>> diff --git a/src/event/quic/ngx_event_quic_output.h b/src/event/quic/ngx_event_quic_output.h
>>> --- a/src/event/quic/ngx_event_quic_output.h
>>> +++ b/src/event/quic/ngx_event_quic_output.h
>>> @@ -12,8 +12,6 @@
>>> #include <ngx_core.h>
>>> 
>>> 
>>> -size_t ngx_quic_max_udp_payload(ngx_connection_t *c);
>>> -
>>> ngx_int_t ngx_quic_output(ngx_connection_t *c);
>>> 
>>> ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c,
>>> diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
>>> --- a/src/event/quic/ngx_event_quic_ssl.c
>>> +++ b/src/event/quic/ngx_event_quic_ssl.c
>>> @@ -494,6 +494,8 @@ ngx_quic_crypto_input(ngx_connection_t *
>>>     */
>>>    ngx_quic_discard_ctx(c, ssl_encryption_handshake);
>>> 
>>> +    ngx_quic_discover_path_mtu(c, qc->path);
>>> +
>>>    /* start accepting clients on negotiated number of server ids */
>>>    if (ngx_quic_create_sockets(c) != NGX_OK) {
>>>        return NGX_ERROR;
>>> diff --git a/src/os/unix/ngx_errno.h b/src/os/unix/ngx_errno.h
>>> --- a/src/os/unix/ngx_errno.h
>>> +++ b/src/os/unix/ngx_errno.h
>>> @@ -54,6 +54,7 @@ typedef int               ngx_err_t;
>>> #define NGX_ENOMOREFILES  0
>>> #define NGX_ELOOP         ELOOP
>>> #define NGX_EBADF         EBADF
>>> +#define NGX_EMSGSIZE      EMSGSIZE
>>> 
>>> #if (NGX_HAVE_OPENAT)
>>> #define NGX_EMLINK        EMLINK

This will break on win32, an NGX_EMSGSIZE definition needs to be
provided there, which is WSAEMSGSIZE.

> 
> The diff is attached.
> 

The diff looks good.

-- 
Sergey Kandaurov

From arut at nginx.com  Thu Aug 10 10:21:04 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Thu, 10 Aug 2023 14:21:04 +0400
Subject: [PATCH 4 of 4] QUIC: path MTU discovery
In-Reply-To: <7AACA0BF-BDEA-4546-9673-27D57340EC1E@nginx.com>
References: <patchbomb.1688651833@arut-laptop>
 <1a49fd5d2013b6c8d502.1688651837@arut-laptop>
 <E772A710-B4FC-4A53-8489-DEC5586B29E7@nginx.com>
 <20230731173420.v7dq7bktey2ox4s2@N00W24XTQX>
 <7AACA0BF-BDEA-4546-9673-27D57340EC1E@nginx.com>
Message-ID: <20230810101847.cm67i7de54tloz2c@N00W24XTQX>

On Tue, Aug 08, 2023 at 01:49:46PM +0400, Sergey Kandaurov wrote:
Hi,

> 
> > On 31 Jul 2023, at 21:34, Roman Arutyunyan <arut at nginx.com> wrote:
> > 
> > Hi,
> > 
> > On Fri, Jul 28, 2023 at 07:51:22PM +0400, Sergey Kandaurov wrote:
> >> 
> >>> On 6 Jul 2023, at 17:57, Roman Arutyunyan <arut at nginx.com> wrote:
> >>> 
> >>> # HG changeset patch
> >>> # User Roman Arutyunyan <arut at nginx.com>
> >>> # Date 1688481216 -14400
> >>> #      Tue Jul 04 18:33:36 2023 +0400
> >>> # Node ID 1a49fd5d2013b6c8d50263499e6ced440927e949
> >>> # Parent  a1ea543d009311765144351b2557c00c8e6445bf
> >>> QUIC: path MTU discovery.
> >>> 
> >>> MTU selection starts by stepping up until the first failure.  Then binary
> >>> search is used to find the path MTU.
> >>> 
> >>> diff --git a/src/core/ngx_connection.c b/src/core/ngx_connection.c
> >>> --- a/src/core/ngx_connection.c
> >>> +++ b/src/core/ngx_connection.c
> >>> @@ -1583,6 +1583,10 @@ ngx_connection_error(ngx_connection_t *c
> >>>    }
> >>> #endif
> >>> 
> >>> +    if (err == NGX_EMSGSIZE && c->log_error == NGX_ERROR_IGNORE_EMSGSIZE) {
> >>> +        return 0;
> >>> +    }
> >>> +
> >>>    if (err == 0
> >>>        || err == NGX_ECONNRESET
> >>> #if (NGX_WIN32)
> >>> @@ -1600,6 +1604,7 @@ ngx_connection_error(ngx_connection_t *c
> >>>    {
> >>>        switch (c->log_error) {
> >>> 
> >>> +        case NGX_ERROR_IGNORE_EMSGSIZE:
> >>>        case NGX_ERROR_IGNORE_EINVAL:
> >>>        case NGX_ERROR_IGNORE_ECONNRESET:
> >>>        case NGX_ERROR_INFO:
> >>> diff --git a/src/core/ngx_connection.h b/src/core/ngx_connection.h
> >>> --- a/src/core/ngx_connection.h
> >>> +++ b/src/core/ngx_connection.h
> >>> @@ -97,7 +97,8 @@ typedef enum {
> >>>    NGX_ERROR_ERR,
> >>>    NGX_ERROR_INFO,
> >>>    NGX_ERROR_IGNORE_ECONNRESET,
> >>> -    NGX_ERROR_IGNORE_EINVAL
> >>> +    NGX_ERROR_IGNORE_EINVAL,
> >>> +    NGX_ERROR_IGNORE_EMSGSIZE
> >>> } ngx_connection_log_error_e;
> >>> 
> >>> 
> >>> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> >>> --- a/src/event/quic/ngx_event_quic.c
> >>> +++ b/src/event/quic/ngx_event_quic.c
> >>> @@ -149,11 +149,6 @@ ngx_quic_apply_transport_params(ngx_conn
> >>>        ngx_log_error(NGX_LOG_INFO, c->log, 0,
> >>>                      "quic maximum packet size is invalid");
> >>>        return NGX_ERROR;
> >>> -
> >>> -    } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) {
> >>> -        ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
> >>> -        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>> -                       "quic client maximum packet size truncated");
> >>>    }
> >>> 
> >>>    if (ctp->active_connection_id_limit < 2) {
> >>> @@ -286,7 +281,7 @@ ngx_quic_new_connection(ngx_connection_t
> >>> 
> >>>    qc->path_validation.log = c->log;
> >>>    qc->path_validation.data = c;
> >>> -    qc->path_validation.handler = ngx_quic_path_validation_handler;
> >>> +    qc->path_validation.handler = ngx_quic_path_handler;
> >>> 
> >>>    qc->conf = conf;
> >>> 
> >>> @@ -297,7 +292,7 @@ ngx_quic_new_connection(ngx_connection_t
> >>>    ctp = &qc->ctp;
> >>> 
> >>>    /* defaults to be used before actual client parameters are received */
> >>> -    ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
> >>> +    ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE;
> >>>    ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT;
> >>>    ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY;
> >>>    ctp->active_connection_id_limit = 2;
> >>> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
> >>> --- a/src/event/quic/ngx_event_quic_ack.c
> >>> +++ b/src/event/quic/ngx_event_quic_ack.c
> >>> @@ -229,6 +229,12 @@ ngx_quic_handle_ack_frame_range(ngx_conn
> >>> 
> >>>    qc = ngx_quic_get_connection(c);
> >>> 
> >>> +    if (ctx->level == ssl_encryption_application) {
> >>> +        if (ngx_quic_handle_path_mtu_ack(c, qc->path, min, max) != NGX_OK) {
> >>> +            return NGX_ERROR;
> >>> +        }
> >>> +    }
> >>> +
> >>>    st->max_pn = NGX_TIMER_INFINITE;
> >>>    found = 0;
> >>> 
> >>> diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
> >>> --- a/src/event/quic/ngx_event_quic_connection.h
> >>> +++ b/src/event/quic/ngx_event_quic_connection.h
> >>> @@ -66,6 +66,14 @@ typedef struct ngx_quic_keys_s        ng
> >>> #define ngx_quic_get_socket(c)               ((ngx_quic_socket_t *)((c)->udp))
> >>> 
> >>> 
> >>> +typedef enum {
> >>> +    NGX_QUIC_PATH_IDLE = 0,
> >>> +    NGX_QUIC_PATH_VALIDATING,
> >>> +    NGX_QUIC_PATH_WAITING,
> >>> +    NGX_QUIC_PATH_DISCOVERING_MTU
> >> 
> >> Nitpicking on too long name.
> >> What about NGX_QUIC_PATH_MTUD or something.
> > 
> > OK, renamed.
> > 
> >>> +} ngx_quic_path_state_e;
> >>> +
> >>> +
> >>> struct ngx_quic_client_id_s {
> >>>    ngx_queue_t                       queue;
> >>>    uint64_t                          seqnum;
> >>> @@ -89,18 +97,22 @@ struct ngx_quic_path_s {
> >>>    ngx_sockaddr_t                    sa;
> >>>    socklen_t                         socklen;
> >>>    ngx_quic_client_id_t             *cid;
> >>> +    ngx_quic_path_state_e             state;
> >>>    ngx_msec_t                        expires;
> >>>    ngx_uint_t                        tries;
> >>>    ngx_uint_t                        tag;
> >>> +    size_t                            mtu;
> >>> +    size_t                            mtud;
> >>> +    size_t                            max_mtu;
> >>>    off_t                             sent;
> >>>    off_t                             received;
> >>>    u_char                            challenge1[8];
> >>>    u_char                            challenge2[8];
> >>>    uint64_t                          seqnum;
> >>> +    uint64_t                          mtu_pnum[NGX_QUIC_PATH_RETRIES];
> >>>    ngx_str_t                         addr_text;
> >>>    u_char                            text[NGX_SOCKADDR_STRLEN];
> >>> -    unsigned                          validated:1;
> >>> -    unsigned                          validating:1;
> >>> +    ngx_uint_t                        validated; /* unsigned validated:1; */
> >>> };
> >>> 
> >>> 
> >>> diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
> >>> --- a/src/event/quic/ngx_event_quic_migration.c
> >>> +++ b/src/event/quic/ngx_event_quic_migration.c
> >>> @@ -10,6 +10,11 @@
> >>> #include <ngx_event_quic_connection.h>
> >>> 
> >>> 
> >>> +#define NGX_QUIC_PATH_MTU_DELAY       1000
> >> 
> >> The value looks too much,
> >> it would delay each subsequent probe (which is not retry).
> > 
> > Probably the right value should be determined in real-life scenarios.
> 
> I'm quite skeptical about delayed probes, it has little to no benefit
> for short connections with bulky transfers, as implemented, especially
> with short MTU steps.  OTOH, immediate probes can lead to congestion
> window starvation resulting in request processing slow down.
> 
> For the record,
> https://www.ietf.org/proceedings/62/pmtud.html provides a discussion
> about PMTUD, in particular, on search strategy and when to probe.
> For the latter, it seems to articulate an opposite view, i.e. to send
> probes ASAP.  Also, it raises a question how short lived connections
> could benefit from PMTUD, e.g. by caching path MTU, which seems to
> correspond to a shared PLPMTU state in RFC 8899.
> 
> > Let's decrease the value by a factor of 10 for now.
> 
> For a simple implementation, 100ms is a good enough trade-off, IMHO.
> 
> > 
> >>> +#define NGX_QUIC_PATH_MTU_STEP        256
> >>> +#define NGX_QUIC_PATH_MTU_PRECISION   16
> >>> +
> >>> +
> >>> static void ngx_quic_set_connection_path(ngx_connection_t *c,
> >>>    ngx_quic_path_t *path);
> >>> static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
> >>> @@ -17,7 +22,15 @@ static ngx_int_t ngx_quic_validate_path(
> >>> static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
> >>>    ngx_quic_path_t *path);
> >>> static void ngx_quic_set_path_timer(ngx_connection_t *c);
> >>> +static ngx_int_t ngx_quic_expire_path_validation(ngx_connection_t *c,
> >>> +    ngx_quic_path_t *path);
> >>> +static ngx_int_t ngx_quic_expire_path_mtu_delay(ngx_connection_t *c,
> >>> +    ngx_quic_path_t *path);
> >>> +static ngx_int_t ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c,
> >>> +    ngx_quic_path_t *path);
> >>> static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag);
> >>> +static ngx_int_t ngx_quic_send_path_mtu_probe(ngx_connection_t *c,
> >>> +    ngx_quic_path_t *path);
> >>> 
> >>> 
> >>> ngx_int_t
> >>> @@ -97,7 +110,7 @@ ngx_quic_handle_path_response_frame(ngx_
> >>>    {
> >>>        path = ngx_queue_data(q, ngx_quic_path_t, queue);
> >>> 
> >>> -        if (!path->validating) {
> >>> +        if (path->state != NGX_QUIC_PATH_VALIDATING) {
> >>>            continue;
> >>>        }
> >>> 
> >>> @@ -136,6 +149,9 @@ valid:
> >>>        {
> >>>            /* address did not change */
> >>>            rst = 0;
> >>> +
> >>> +            path->mtu = prev->mtu;
> >>> +            path->max_mtu = prev->max_mtu;
> >>>        }
> >>>    }
> >>> 
> >>> @@ -167,9 +183,8 @@ valid:
> >>>    ngx_quic_path_dbg(c, "is validated", path);
> >>> 
> >>>    path->validated = 1;
> >>> -    path->validating = 0;
> >>> 
> >>> -    ngx_quic_set_path_timer(c);
> >>> +    ngx_quic_discover_path_mtu(c, path);
> >>> 
> >>>    return NGX_OK;
> >>> }
> >>> @@ -217,6 +232,8 @@ ngx_quic_new_path(ngx_connection_t *c,
> >>>    path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
> >>>                                        NGX_SOCKADDR_STRLEN, 1);
> >>> 
> >>> +    path->mtu = NGX_QUIC_MIN_INITIAL_SIZE;
> >>> +
> >>>    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>                   "quic path seq:%uL created addr:%V",
> >>>                   path->seqnum, &path->addr_text);
> >>> @@ -464,7 +481,7 @@ ngx_quic_handle_migration(ngx_connection
> >>> 
> >>>    ngx_quic_set_connection_path(c, next);
> >>> 
> >>> -    if (!next->validated && !next->validating) {
> >>> +    if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) {
> >>>        if (ngx_quic_validate_path(c, next) != NGX_OK) {
> >>>            return NGX_ERROR;
> >>>        }
> >>> @@ -492,7 +509,6 @@ ngx_quic_validate_path(ngx_connection_t 
> >>>    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>                   "quic initiated validation of path seq:%uL", path->seqnum);
> >>> 
> >>> -    path->validating = 1;
> >>>    path->tries = 0;
> >>> 
> >>>    if (RAND_bytes(path->challenge1, 8) != 1) {
> >>> @@ -511,6 +527,7 @@ ngx_quic_validate_path(ngx_connection_t 
> >>>    pto = ngx_max(ngx_quic_pto(c, ctx), 1000);
> >>> 
> >>>    path->expires = ngx_current_msec + pto;
> >>> +    path->state = NGX_QUIC_PATH_VALIDATING;
> >>> 
> >>>    ngx_quic_set_path_timer(c);
> >>> 
> >>> @@ -558,6 +575,42 @@ ngx_quic_send_path_challenge(ngx_connect
> >>> }
> >>> 
> >>> 
> >>> +void
> >>> +ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path)
> >>> +{
> >>> +    ngx_quic_connection_t  *qc;
> >>> +
> >>> +    qc = ngx_quic_get_connection(c);
> >>> +
> >>> +    if (path->max_mtu) {
> >>> +        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
> >>> +            path->state = NGX_QUIC_PATH_IDLE;
> >>> +            ngx_quic_set_path_timer(c);
> >>> +            return;
> >>> +        }
> >>> +
> >>> +        path->mtud = (path->mtu + path->max_mtu) / 2;
> >>> +
> >>> +    } else {
> >>> +        path->mtud = path->mtu + NGX_QUIC_PATH_MTU_STEP;
> >> 
> >> I like this approach, compared to multiplying probe steps.
> >> This better fits to the pattern to keep around a well-known
> >> initial value, which is typically 1500 bytes.
> >> Another one could be to let user specify its own initial
> >> value for cases when he knows well its network environment.
> >> 
> >>> +
> >>> +        if (path->mtud >= qc->ctp.max_udp_payload_size) {
> >>> +            path->mtud = qc->ctp.max_udp_payload_size;
> >>> +            path->max_mtu = qc->ctp.max_udp_payload_size;
> >>> +        }
> >>> +    }
> >>> +
> >>> +    path->state = NGX_QUIC_PATH_WAITING;
> >>> +    path->expires = ngx_current_msec + NGX_QUIC_PATH_MTU_DELAY;
> >>> +
> >>> +    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>> +                   "quic path seq:%uL schedule mtu:%uz",
> >>> +                   path->seqnum, path->mtud);
> >>> +
> >>> +    ngx_quic_set_path_timer(c);
> >>> +}
> >>> +
> >>> +
> >>> static void
> >>> ngx_quic_set_path_timer(ngx_connection_t *c)
> >>> {
> >>> @@ -578,7 +631,7 @@ ngx_quic_set_path_timer(ngx_connection_t
> >>>    {
> >>>        path = ngx_queue_data(q, ngx_quic_path_t, queue);
> >>> 
> >>> -        if (!path->validating) {
> >>> +        if (path->state == NGX_QUIC_PATH_IDLE) {
> >>>            continue;
> >>>        }
> >>> 
> >>> @@ -600,22 +653,18 @@ ngx_quic_set_path_timer(ngx_connection_t
> >>> 
> >>> 
> >>> void
> >>> -ngx_quic_path_validation_handler(ngx_event_t *ev)
> >>> +ngx_quic_path_handler(ngx_event_t *ev)
> >>> {
> >>>    ngx_msec_t              now;
> >>>    ngx_queue_t            *q;
> >>> -    ngx_msec_int_t          left, next, pto;
> >>> -    ngx_quic_path_t        *path, *bkp;
> >>> +    ngx_msec_int_t          left;
> >>> +    ngx_quic_path_t        *path;
> >>>    ngx_connection_t       *c;
> >>> -    ngx_quic_send_ctx_t    *ctx;
> >>>    ngx_quic_connection_t  *qc;
> >>> 
> >>>    c = ev->data;
> >>>    qc = ngx_quic_get_connection(c);
> >>> 
> >>> -    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>> -
> >>> -    next = -1;
> >>>    now = ngx_current_msec;
> >>> 
> >>>    q = ngx_queue_head(&qc->paths);
> >>> @@ -625,83 +674,274 @@ ngx_quic_path_validation_handler(ngx_eve
> >>>        path = ngx_queue_data(q, ngx_quic_path_t, queue);
> >>>        q = ngx_queue_next(q);
> >>> 
> >>> -        if (!path->validating) {
> >>> +        if (path->state == NGX_QUIC_PATH_IDLE) {
> >>>            continue;
> >>>        }
> >>> 
> >>>        left = path->expires - now;
> >>> 
> >>>        if (left > 0) {
> >>> -
> >>> -            if (next == -1 || left < next) {
> >>> -                next = left;
> >>> -            }
> >>> -
> >>> -            continue;
> >>> -        }
> >>> -
> >>> -        if (++path->tries < NGX_QUIC_PATH_RETRIES) {
> >>> -            pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
> >>> -
> >>> -            path->expires = ngx_current_msec + pto;
> >>> -
> >>> -            if (next == -1 || pto < next) {
> >>> -                next = pto;
> >>> -            }
> >>> -
> >>> -            /* retransmit */
> >>> -            (void) ngx_quic_send_path_challenge(c, path);
> >>> -
> >>>            continue;
> >>>        }
> >>> 
> >>> -        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
> >>> -                       "quic path seq:%uL validation failed", path->seqnum);
> >>> +        switch (path->state) {
> >>> +        case NGX_QUIC_PATH_VALIDATING:
> >>> +             if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
> >>> +                goto failed;
> >>> +            }
> >>> +
> >>> +            break;
> >>> +
> >>> +        case NGX_QUIC_PATH_WAITING:
> >>> +            if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
> >>> +                goto failed;
> >>> +            }
> >>> +
> >>> +            break;
> >>> +
> >>> +        case NGX_QUIC_PATH_DISCOVERING_MTU:
> >>> +            if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
> >>> +                goto failed;
> >>> +             }
> >>> +
> >>> +            break;
> >>> +
> >> 
> >> indentation in several places here
> > 
> > Fixed, thanks.
> > 
> >>> +        default:
> >>> +            break;
> >>> +         }
> >>> +     }
> >>> +
> >>> +    ngx_quic_set_path_timer(c);
> >>> +
> >>> +    return;
> >>> 
> >>> -        /* found expired path */
> >>> +failed:
> >>> +
> >>> +    ngx_quic_close_connection(c, NGX_ERROR);
> >>> +}
> >>> +
> >>> +
> >>> +static ngx_int_t
> >>> +ngx_quic_expire_path_validation(ngx_connection_t *c, ngx_quic_path_t *path)
> >>> +{
> >>> +    ngx_msec_int_t          pto;
> >>> +    ngx_quic_path_t        *bkp;
> >>> +    ngx_quic_send_ctx_t    *ctx;
> >>> +    ngx_quic_connection_t  *qc;
> >>> 
> >>> -        path->validated = 0;
> >>> -        path->validating = 0;
> >>> +    qc = ngx_quic_get_connection(c);
> >>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>> +
> >>> +    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
> >>> +        pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
> >>> +        path->expires = ngx_current_msec + pto;
> >>> +
> >>> +        (void) ngx_quic_send_path_challenge(c, path);
> >>> +
> >>> +        return NGX_OK;
> >>> +    }
> >>> +
> >>> +    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>> +                   "quic path seq:%uL validation failed", path->seqnum);
> >>> +
> >>> +    /* found expired path */
> >>> +
> >>> +    path->validated = 0;
> >>> 
> >>> 
> >>> -        /* RFC 9000, 9.3.2.  On-Path Address Spoofing
> >>> -         *
> >>> -         * To protect the connection from failing due to such a spurious
> >>> -         * migration, an endpoint MUST revert to using the last validated
> >>> -         * peer address when validation of a new peer address fails.
> >>> -         */
> >>> -
> >>> -        if (qc->path == path) {
> >>> -            /* active path validation failed */
> >>> -
> >>> -            bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
> >>> +    /* RFC 9000, 9.3.2.  On-Path Address Spoofing
> >>> +     *
> >>> +     * To protect the connection from failing due to such a spurious
> >>> +     * migration, an endpoint MUST revert to using the last validated
> >>> +     * peer address when validation of a new peer address fails.
> >>> +     */
> >>> 
> >>> -            if (bkp == NULL) {
> >>> -                qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
> >>> -                qc->error_reason = "no viable path";
> >>> -                ngx_quic_close_connection(c, NGX_ERROR);
> >>> -                return;
> >>> -            }
> >>> +    if (qc->path == path) {
> >>> +        /* active path validation failed */
> >>> +
> >>> +        bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
> >>> 
> >>> -            qc->path = bkp;
> >>> -            qc->path->tag = NGX_QUIC_PATH_ACTIVE;
> >>> -
> >>> -            ngx_quic_set_connection_path(c, qc->path);
> >>> -
> >>> -            ngx_log_error(NGX_LOG_INFO, c->log, 0,
> >>> -                          "quic path seq:%uL addr:%V is restored from backup",
> >>> -                          qc->path->seqnum, &qc->path->addr_text);
> >>> -
> >>> -            ngx_quic_path_dbg(c, "is active", qc->path);
> >>> +        if (bkp == NULL) {
> >>> +            qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
> >>> +            qc->error_reason = "no viable path";
> >>> +            return NGX_ERROR;
> >>>        }
> >>> 
> >>> -        if (ngx_quic_free_path(c, path) != NGX_OK) {
> >>> -            ngx_quic_close_connection(c, NGX_ERROR);
> >>> -            return;
> >>> +        qc->path = bkp;
> >>> +        qc->path->tag = NGX_QUIC_PATH_ACTIVE;
> >>> +
> >>> +        ngx_quic_set_connection_path(c, qc->path);
> >>> +
> >>> +        ngx_log_error(NGX_LOG_INFO, c->log, 0,
> >>> +                      "quic path seq:%uL addr:%V is restored from backup",
> >>> +                      qc->path->seqnum, &qc->path->addr_text);
> >>> +
> >>> +        ngx_quic_path_dbg(c, "is active", qc->path);
> >>> +    }
> >>> +
> >>> +    return ngx_quic_free_path(c, path);
> >>> +}
> >>> +
> >>> +
> >>> +static ngx_int_t
> >>> +ngx_quic_expire_path_mtu_delay(ngx_connection_t *c, ngx_quic_path_t *path)
> >>> +{
> >>> +    ngx_int_t               rc;
> >>> +    ngx_uint_t              i;
> >>> +    ngx_msec_t              pto;
> >>> +    ngx_quic_send_ctx_t    *ctx;
> >>> +    ngx_quic_connection_t  *qc;
> >>> +
> >>> +    qc = ngx_quic_get_connection(c);
> >>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>> +
> >>> +    path->tries = 0;
> >>> +
> >>> +    for ( ;; ) {
> >>> +
> >>> +        for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
> >>> +            path->mtu_pnum[i] = NGX_QUIC_UNSET_PN;
> >>> +        }
> >>> +
> >>> +        rc = ngx_quic_send_path_mtu_probe(c, path);
> >>> +
> >>> +        if (rc == NGX_ERROR) {
> >>> +            return NGX_ERROR;
> >>> +        }
> >>> +
> >>> +        if (rc == NGX_OK) {
> >>> +            pto = ngx_quic_pto(c, ctx);
> >>> +            path->expires = ngx_current_msec + pto;
> >>> +            path->state = NGX_QUIC_PATH_DISCOVERING_MTU;
> >>> +            return NGX_OK;
> >>> +        }
> >>> +
> >>> +        /* rc == NGX_DECLINED */
> >>> +
> >>> +        path->max_mtu = path->mtud;
> >>> +
> >>> +        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
> >>> +            path->state = NGX_QUIC_PATH_IDLE;
> >>> +            return NGX_OK;
> >>> +        }
> >>> +
> >>> +        path->mtud = (path->mtu + path->max_mtu) / 2;
> >>> +    }
> >>> +}
> >>> +
> >>> +
> >>> +static ngx_int_t
> >>> +ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c, ngx_quic_path_t *path)
> >>> +{
> >>> +    ngx_int_t               rc;
> >>> +    ngx_msec_int_t          pto;
> >>> +    ngx_quic_send_ctx_t    *ctx;
> >>> +    ngx_quic_connection_t  *qc;
> >>> +
> >>> +    qc = ngx_quic_get_connection(c);
> >>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>> +
> >>> +    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
> >>> +        pto = ngx_quic_pto(c, ctx) << path->tries;
> >>> +        path->expires = ngx_current_msec + pto;
> >>> +
> >> 
> >> Setting path->expires there seems useless.
> >> It don't seem to be used in ngx_quic_send_path_mtu_probe(),
> >> and ngx_quic_discover_path_mtu() used to reset path->expires.
> > 
> > If ngx_quic_send_path_mtu_probe() below returns NGX_OK, the path should stay
> > in the same state, but expiration time should be advanced.  To make it
> > more obvious, I changed this code.
> 
> Updated code makes it clear, thanks.
> 
> > 
> >>> +        rc = ngx_quic_send_path_mtu_probe(c, path);
> >>> +        if (rc != NGX_DECLINED) {
> >>> +            return rc;
> >>>        }
> >>>    }
> >>> 
> >>> -    if (next != -1) {
> >>> -        ngx_add_timer(&qc->path_validation, next);
> >>> +    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>> +                   "quic path seq:%uL expired mtu:%uz",
> >>> +                   path->seqnum, path->mtud);
> >>> +
> >>> +    path->max_mtu = path->mtud;
> >>> +
> >>> +    ngx_quic_discover_path_mtu(c, path);
> >>> +
> >>> +    return NGX_OK;
> >>> +}
> >>> +
> >>> +
> >>> +static ngx_int_t
> >>> +ngx_quic_send_path_mtu_probe(ngx_connection_t *c, ngx_quic_path_t *path)
> >>> +{
> >>> +    ngx_int_t               rc;
> >>> +    ngx_uint_t              log_error;
> >>> +    ngx_quic_frame_t        frame;
> >>> +    ngx_quic_send_ctx_t    *ctx;
> >>> +    ngx_quic_connection_t  *qc;
> >>> +
> >>> +    ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
> >>> +
> >>> +    frame.level = ssl_encryption_application;
> >>> +    frame.type = NGX_QUIC_FT_PING;
> >>> +
> >>> +    qc = ngx_quic_get_connection(c);
> >>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>> +    path->mtu_pnum[path->tries] = ctx->pnum;
> >>> +
> >>> +    ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>> +                   "quic path seq:%uL send probe "
> >>> +                   "mtu:%uz pnum:%uL tries:%ui",
> >>> +                   path->seqnum, path->mtud, ctx->pnum, path->tries);
> >>> +
> >>> +    log_error = c->log_error;
> >>> +    c->log_error = NGX_ERROR_IGNORE_EMSGSIZE;
> >>> +
> >>> +    rc = ngx_quic_frame_sendto(c, &frame, path->mtud, path);
> >>> +    c->log_error = log_error;
> >>> +
> >>> +    if (rc == NGX_ERROR) {
> >>> +        if (c->write->error) {
> >>> +            c->write->error = 0;
> >>> +
> >>> +            ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>> +                           "quic path seq:%uL rejected mtu:%uz",
> >>> +                           path->seqnum, path->mtud);
> >>> +
> >>> +            return NGX_DECLINED;
> >> 
> >> The error handling looks awkward to decline on write error.
> >> ngx_sendmsg() sets write error on fatal sendmsg errors,
> >> and keeps it unset NGX_EAGAIN and NGX_EINTR, which
> >> are typically non-fatal transient errors.
> >> I understand this is done mostly to ignore EMSGSIZE,
> >> maybe it makes sense to ignore the rest sendmsg() errors.
> > 
> > The problem is, the error doesn't make it to this point.  All be have here is
> > NGX_ERROR and c->write->error.  I think, for PMTUD purposes we can safely
> > ignore the errors.  It's hinghly likely, the error will repeat while doing
> > connection I/O and we'll shortly close the connection.
> 
> Ok, I re-read ngx_sendmsg() to clarify the following:
> - NGX_EINTR is handled internally and never returned up to here;
> - NGX_EAGAIN (NGX_AGAIN) seems to be returned, at least on Linux,
>   when send buffer is low for the MTU probe, converted to NGX_OK;
> - FTR, looking at sosend_dgram() on FreeBSD, sendmsg seems to
>   return EMSGSIZE there, instead, on low socket buffer space;
> - other sendmsg errors are returned as NGX_ERROR, and
>   c->write->error is set; this is converted to NGX_DECLINED;
> - non-sendmsg NGX_ERRORs appeared in ngx_quic_frame_sendto()
>   are passed as is without conversion.
> 
> So, the error handling as implemented to decline on any sendmsg
> "fatal" errors actually makes sense, if we'd like to avoid rewriting
> ngx_sendmsg() to further distinguish sendmsg errors, notably EMSGSIZE.
> The downside is that connection may ignore actually fatal errors,
> though the error will likely repeat on sending non-probing frames.
> 
> NGX_AGAIN conversion to NGX_OK is questionable, because this
> makes a probe considered successfully sent while it is not.
> I wonder though what we can do about that other than to simply
> ignore, similar to other ngx_quic_frame_sendto() callers,
> because next time on a probe retry sendmsg can return success.

Ignoring certain send error for probes is not a big deal since timeout
expiration will lead to the same result eventually.

> >>> +        }
> >>> +
> >>> +        return NGX_ERROR;
> >>>    }
> >>> +
> >>> +    return NGX_OK;
> >>> }
> >>> +
> >>> +
> >>> +ngx_int_t
> >>> +ngx_quic_handle_path_mtu_ack(ngx_connection_t *c, ngx_quic_path_t *path,
> >>> +    uint64_t min, uint64_t max)
> >>> +{
> >>> +    uint64_t    pnum;
> >>> +    ngx_uint_t  i;
> >>> +
> >>> +    if (path->state != NGX_QUIC_PATH_DISCOVERING_MTU) {
> >>> +        return NGX_OK;
> >>> +    }
> >>> +
> >>> +    for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
> >>> +        pnum = path->mtu_pnum[i];
> >>> +
> >>> +        if (pnum == NGX_QUIC_UNSET_PN) {
> >>> +            break;
> >>> +        }
> >>> +
> >>> +        if (pnum < min || pnum > max) {
> >>> +            continue;
> >>> +        }
> >>> +
> >>> +        path->mtu = path->mtud;
> >>> +
> >>> +        ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>> +                       "quic path seq:%uL ack mtu:%uz",
> >>> +                       path->seqnum, path->mtu);
> >>> +
> >>> +        ngx_quic_discover_path_mtu(c, path);
> >>> +
> >>> +        break;
> >> 
> >> What if two probes appeared ACKed in one range.
> >> Though that seems to be safe to break there, as two
> >> probes barely have different probe sizes, rather retries.
> > 
> > No matter how many probes are acked, the next step is still the same.
> > So there's no reason to find all of them.
> > 
> 
> Ok, let's leave it as is.
> 
> >>> +    }
> >>> +
> >>> +    return NGX_OK;
> >>> +}
> >>> diff --git a/src/event/quic/ngx_event_quic_migration.h b/src/event/quic/ngx_event_quic_migration.h
> >>> --- a/src/event/quic/ngx_event_quic_migration.h
> >>> +++ b/src/event/quic/ngx_event_quic_migration.h
> >>> @@ -18,10 +18,10 @@
> >>> #define NGX_QUIC_PATH_BACKUP    2
> >>> 
> >>> #define ngx_quic_path_dbg(c, msg, path)                                       \
> >>> -    ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
> >>> -                   "quic path seq:%uL %s sent:%O recvd:%O state:%s%s",        \
> >>> +    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
> >>> +                   "quic path seq:%uL %s tx:%O rx:%O valid:%d st:%d mtu:%uz", \
> >>>                   path->seqnum, msg, path->sent, path->received,             \
> >>> -                   path->validated ? "V": "N", path->validating ? "R": "");
> >>> +                   path->validated, path->state, path->mtu);
> >>> 
> >>> ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
> >>>    ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f);
> >>> @@ -36,6 +36,10 @@ ngx_int_t ngx_quic_set_path(ngx_connecti
> >>> ngx_int_t ngx_quic_handle_migration(ngx_connection_t *c,
> >>>    ngx_quic_header_t *pkt);
> >>> 
> >>> -void ngx_quic_path_validation_handler(ngx_event_t *ev);
> >>> +void ngx_quic_path_handler(ngx_event_t *ev);
> >>> +
> >>> +void ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path);
> >>> +ngx_int_t ngx_quic_handle_path_mtu_ack(ngx_connection_t *c,
> >>> +    ngx_quic_path_t *path, uint64_t min, uint64_t max);
> >> 
> >> Nitpicking:
> >> maybe just ngx_quic_handle_path_mtu() ?
> >> This would match ngx_quic_discover_path_mtu() naming.
> > 
> > OK, renamed.
> > 
> >>> 
> >>> #endif /* _NGX_EVENT_QUIC_MIGRATION_H_INCLUDED_ */
> >>> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
> >>> --- a/src/event/quic/ngx_event_quic_output.c
> >>> +++ b/src/event/quic/ngx_event_quic_output.c
> >>> @@ -10,9 +10,6 @@
> >>> #include <ngx_event_quic_connection.h>
> >>> 
> >>> 
> >>> -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT   1252
> >>> -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT6  1232
> >>> -
> >>> #define NGX_QUIC_MAX_UDP_SEGMENT_BUF  65487 /* 65K - IPv6 header */
> >>> #define NGX_QUIC_MAX_SEGMENTS            64 /* UDP_MAX_SEGMENTS */
> >>> 
> >>> @@ -61,21 +58,6 @@ static size_t ngx_quic_path_limit(ngx_co
> >>>    size_t size);
> >>> 
> >>> 
> >>> -size_t
> >>> -ngx_quic_max_udp_payload(ngx_connection_t *c)
> >>> -{
> >>> -    /* TODO: path MTU discovery */
> >>> -
> >>> -#if (NGX_HAVE_INET6)
> >>> -    if (c->sockaddr->sa_family == AF_INET6) {
> >>> -        return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6;
> >>> -    }
> >>> -#endif
> >>> -
> >>> -    return NGX_QUIC_MAX_UDP_PAYLOAD_OUT;
> >>> -}
> >>> -
> >>> -
> >>> ngx_int_t
> >>> ngx_quic_output(ngx_connection_t *c)
> >>> {
> >>> @@ -142,10 +124,7 @@ ngx_quic_create_datagrams(ngx_connection
> >>> 
> >>>        p = dst;
> >>> 
> >>> -        len = ngx_min(qc->ctp.max_udp_payload_size,
> >>> -                      NGX_QUIC_MAX_UDP_PAYLOAD_SIZE);
> >>> -
> >>> -        len = ngx_quic_path_limit(c, path, len);
> >>> +        len = ngx_quic_path_limit(c, path, path->mtu);
> >>> 
> >>>        pad = ngx_quic_get_padding_level(c);
> >>> 
> >>> @@ -299,9 +278,7 @@ ngx_quic_allow_segmentation(ngx_connecti
> >>>    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>> 
> >>>    bytes = 0;
> >>> -
> >>> -    len = ngx_min(qc->ctp.max_udp_payload_size,
> >>> -                  NGX_QUIC_MAX_UDP_SEGMENT_BUF);
> >>> +    len = ngx_min(qc->path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
> >>> 
> >>>    for (q = ngx_queue_head(&ctx->frames);
> >>>         q != ngx_queue_sentinel(&ctx->frames);
> >>> @@ -345,8 +322,7 @@ ngx_quic_create_segments(ngx_connection_
> >>>        return NGX_ERROR;
> >>>    }
> >>> 
> >>> -    segsize = ngx_min(qc->ctp.max_udp_payload_size,
> >>> -                      NGX_QUIC_MAX_UDP_SEGMENT_BUF);
> >>> +    segsize = ngx_min(path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
> >>>    p = dst;
> >>>    end = dst + sizeof(dst);
> >>> 
> >>> diff --git a/src/event/quic/ngx_event_quic_output.h b/src/event/quic/ngx_event_quic_output.h
> >>> --- a/src/event/quic/ngx_event_quic_output.h
> >>> +++ b/src/event/quic/ngx_event_quic_output.h
> >>> @@ -12,8 +12,6 @@
> >>> #include <ngx_core.h>
> >>> 
> >>> 
> >>> -size_t ngx_quic_max_udp_payload(ngx_connection_t *c);
> >>> -
> >>> ngx_int_t ngx_quic_output(ngx_connection_t *c);
> >>> 
> >>> ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c,
> >>> diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
> >>> --- a/src/event/quic/ngx_event_quic_ssl.c
> >>> +++ b/src/event/quic/ngx_event_quic_ssl.c
> >>> @@ -494,6 +494,8 @@ ngx_quic_crypto_input(ngx_connection_t *
> >>>     */
> >>>    ngx_quic_discard_ctx(c, ssl_encryption_handshake);
> >>> 
> >>> +    ngx_quic_discover_path_mtu(c, qc->path);
> >>> +
> >>>    /* start accepting clients on negotiated number of server ids */
> >>>    if (ngx_quic_create_sockets(c) != NGX_OK) {
> >>>        return NGX_ERROR;
> >>> diff --git a/src/os/unix/ngx_errno.h b/src/os/unix/ngx_errno.h
> >>> --- a/src/os/unix/ngx_errno.h
> >>> +++ b/src/os/unix/ngx_errno.h
> >>> @@ -54,6 +54,7 @@ typedef int               ngx_err_t;
> >>> #define NGX_ENOMOREFILES  0
> >>> #define NGX_ELOOP         ELOOP
> >>> #define NGX_EBADF         EBADF
> >>> +#define NGX_EMSGSIZE      EMSGSIZE
> >>> 
> >>> #if (NGX_HAVE_OPENAT)
> >>> #define NGX_EMLINK        EMLINK
> 
> This will break on win32, an NGX_EMSGSIZE definition needs to be
> provided there, which is WSAEMSGSIZE.

Thanks, fixed.

> > 
> > The diff is attached.
> > 
> 
> The diff looks good.

Also, with step-based mtu step updates, QUIC flood detection is triggered with
the h3_keepalive.t on interfaces with large mtu.  I think, doubling mtu
is a safer choice.

Also, while looking in migration test logs, I thought it might be a good idea to
only handle validation/mtu events for the currently active path.

Including 3 patch updates:

- the last one + win32 fix + format fix in ngx_quic_path_dbg()
- x2 mtu
- single-path event handling

--
Roman Arutyunyan
-------------- next part --------------
# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1691659587 -14400
#      Thu Aug 10 13:26:27 2023 +0400
# Node ID f32413c9248be3c14dae07453e95161b975066bd
# Parent  1f0ec6bca996556d100338b83de439ac702e5e44
[mq]: quic-pmtud-fix

diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c
+++ b/src/event/quic/ngx_event_quic_ack.c
@@ -230,7 +230,7 @@ ngx_quic_handle_ack_frame_range(ngx_conn
     qc = ngx_quic_get_connection(c);
 
     if (ctx->level == ssl_encryption_application) {
-        if (ngx_quic_handle_path_mtu_ack(c, qc->path, min, max) != NGX_OK) {
+        if (ngx_quic_handle_path_mtu(c, qc->path, min, max) != NGX_OK) {
             return NGX_ERROR;
         }
     }
diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
--- a/src/event/quic/ngx_event_quic_connection.h
+++ b/src/event/quic/ngx_event_quic_connection.h
@@ -70,7 +70,7 @@ typedef enum {
     NGX_QUIC_PATH_IDLE = 0,
     NGX_QUIC_PATH_VALIDATING,
     NGX_QUIC_PATH_WAITING,
-    NGX_QUIC_PATH_DISCOVERING_MTU
+    NGX_QUIC_PATH_MTUD
 } ngx_quic_path_state_e;
 
 
diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c
+++ b/src/event/quic/ngx_event_quic_migration.c
@@ -10,7 +10,7 @@
 #include <ngx_event_quic_connection.h>
 
 
-#define NGX_QUIC_PATH_MTU_DELAY       1000
+#define NGX_QUIC_PATH_MTU_DELAY       100
 #define NGX_QUIC_PATH_MTU_STEP        256
 #define NGX_QUIC_PATH_MTU_PRECISION   16
 
@@ -686,7 +686,7 @@ ngx_quic_path_handler(ngx_event_t *ev)
 
         switch (path->state) {
         case NGX_QUIC_PATH_VALIDATING:
-             if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
+            if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
                 goto failed;
             }
 
@@ -699,17 +699,17 @@ ngx_quic_path_handler(ngx_event_t *ev)
 
             break;
 
-        case NGX_QUIC_PATH_DISCOVERING_MTU:
+        case NGX_QUIC_PATH_MTUD:
             if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
                 goto failed;
-             }
+            }
 
             break;
 
         default:
             break;
-         }
-     }
+        }
+    }
 
     ngx_quic_set_path_timer(c);
 
@@ -812,7 +812,7 @@ ngx_quic_expire_path_mtu_delay(ngx_conne
         if (rc == NGX_OK) {
             pto = ngx_quic_pto(c, ctx);
             path->expires = ngx_current_msec + pto;
-            path->state = NGX_QUIC_PATH_DISCOVERING_MTU;
+            path->state = NGX_QUIC_PATH_MTUD;
             return NGX_OK;
         }
 
@@ -842,13 +842,19 @@ ngx_quic_expire_path_mtu_discovery(ngx_c
     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
 
     if (++path->tries < NGX_QUIC_PATH_RETRIES) {
-        pto = ngx_quic_pto(c, ctx) << path->tries;
-        path->expires = ngx_current_msec + pto;
+        rc = ngx_quic_send_path_mtu_probe(c, path);
+
+        if (rc == NGX_ERROR) {
+            return NGX_ERROR;
+        }
 
-        rc = ngx_quic_send_path_mtu_probe(c, path);
-        if (rc != NGX_DECLINED) {
-            return rc;
+        if (rc == NGX_OK) {
+            pto = ngx_quic_pto(c, ctx) << path->tries;
+            path->expires = ngx_current_msec + pto;
+            return NGX_OK;
         }
+
+        /* rc == NGX_DECLINED */
     }
 
     ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
@@ -911,13 +917,13 @@ ngx_quic_send_path_mtu_probe(ngx_connect
 
 
 ngx_int_t
-ngx_quic_handle_path_mtu_ack(ngx_connection_t *c, ngx_quic_path_t *path,
+ngx_quic_handle_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path,
     uint64_t min, uint64_t max)
 {
     uint64_t    pnum;
     ngx_uint_t  i;
 
-    if (path->state != NGX_QUIC_PATH_DISCOVERING_MTU) {
+    if (path->state != NGX_QUIC_PATH_MTUD) {
         return NGX_OK;
     }
 
diff --git a/src/event/quic/ngx_event_quic_migration.h b/src/event/quic/ngx_event_quic_migration.h
--- a/src/event/quic/ngx_event_quic_migration.h
+++ b/src/event/quic/ngx_event_quic_migration.h
@@ -19,7 +19,7 @@
 
 #define ngx_quic_path_dbg(c, msg, path)                                       \
     ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
-                   "quic path seq:%uL %s tx:%O rx:%O valid:%d st:%d mtu:%uz", \
+                   "quic path seq:%uL %s tx:%O rx:%O valid:%ui st:%d mtu:%uz",\
                    path->seqnum, msg, path->sent, path->received,             \
                    path->validated, path->state, path->mtu);
 
@@ -39,7 +39,7 @@ ngx_int_t ngx_quic_handle_migration(ngx_
 void ngx_quic_path_handler(ngx_event_t *ev);
 
 void ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path);
-ngx_int_t ngx_quic_handle_path_mtu_ack(ngx_connection_t *c,
+ngx_int_t ngx_quic_handle_path_mtu(ngx_connection_t *c,
     ngx_quic_path_t *path, uint64_t min, uint64_t max);
 
 #endif /* _NGX_EVENT_QUIC_MIGRATION_H_INCLUDED_ */
diff --git a/src/os/win32/ngx_errno.h b/src/os/win32/ngx_errno.h
--- a/src/os/win32/ngx_errno.h
+++ b/src/os/win32/ngx_errno.h
@@ -57,6 +57,7 @@ typedef DWORD                      ngx_e
 #define NGX_EILSEQ                 ERROR_NO_UNICODE_TRANSLATION
 #define NGX_ELOOP                  0
 #define NGX_EBADF                  WSAEBADF
+#define NGX_EMSGSIZE               WSAEMSGSIZE
 
 #define NGX_EALREADY               WSAEALREADY
 #define NGX_EINVAL                 WSAEINVAL
-------------- next part --------------
# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1691658222 -14400
#      Thu Aug 10 13:03:42 2023 +0400
# Node ID c224ba25ab49481f3e045e4f348a644ac965bf37
# Parent  02241bd4010398d1b5afa3a18bb4510ae54ea4a9
[mq]: quic-pmtud-scale-x2

diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c
+++ b/src/event/quic/ngx_event_quic_migration.c
@@ -11,7 +11,6 @@
 
 
 #define NGX_QUIC_PATH_MTU_DELAY       100
-#define NGX_QUIC_PATH_MTU_STEP        256
 #define NGX_QUIC_PATH_MTU_PRECISION   16
 
 
@@ -592,7 +591,7 @@ ngx_quic_discover_path_mtu(ngx_connectio
         path->mtud = (path->mtu + path->max_mtu) / 2;
 
     } else {
-        path->mtud = path->mtu + NGX_QUIC_PATH_MTU_STEP;
+        path->mtud = path->mtu * 2;
 
         if (path->mtud >= qc->ctp.max_udp_payload_size) {
             path->mtud = qc->ctp.max_udp_payload_size;
-------------- next part --------------
# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1691653593 -14400
#      Thu Aug 10 11:46:33 2023 +0400
# Node ID daa3dbcfb366894dbd02e122fb6cefb2e13543b1
# Parent  c224ba25ab49481f3e045e4f348a644ac965bf37
imported patch quic-pmtud-fix-2

diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c
+++ b/src/event/quic/ngx_event_quic_migration.c
@@ -478,6 +478,8 @@ ngx_quic_handle_migration(ngx_connection
     qc->path = next;
     qc->path->tag = NGX_QUIC_PATH_ACTIVE;
 
+    ngx_quic_set_path_timer(c);
+
     ngx_quic_set_connection_path(c, next);
 
     if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) {
@@ -614,38 +616,25 @@ static void
 ngx_quic_set_path_timer(ngx_connection_t *c)
 {
     ngx_msec_t              now;
-    ngx_queue_t            *q;
-    ngx_msec_int_t          left, next;
+    ngx_msec_int_t          left;
     ngx_quic_path_t        *path;
     ngx_quic_connection_t  *qc;
 
     qc = ngx_quic_get_connection(c);
 
-    now = ngx_current_msec;
-    next = -1;
+    path = qc->path;
 
-    for (q = ngx_queue_head(&qc->paths);
-         q != ngx_queue_sentinel(&qc->paths);
-         q = ngx_queue_next(q))
-    {
-        path = ngx_queue_data(q, ngx_quic_path_t, queue);
-
-        if (path->state == NGX_QUIC_PATH_IDLE) {
-            continue;
-        }
+    if (path->state != NGX_QUIC_PATH_IDLE) {
+        now = ngx_current_msec;
 
         left = path->expires - now;
         left = ngx_max(left, 1);
 
-        if (next == -1 || left < next) {
-            next = left;
-        }
+        ngx_add_timer(&qc->path_validation, left);
+        return;
     }
 
-    if (next != -1) {
-        ngx_add_timer(&qc->path_validation, next);
-
-    } else if (qc->path_validation.timer_set) {
+    if (qc->path_validation.timer_set) {
         ngx_del_timer(&qc->path_validation);
     }
 }
@@ -655,7 +644,6 @@ void
 ngx_quic_path_handler(ngx_event_t *ev)
 {
     ngx_msec_t              now;
-    ngx_queue_t            *q;
     ngx_msec_int_t          left;
     ngx_quic_path_t        *path;
     ngx_connection_t       *c;
@@ -666,50 +654,46 @@ ngx_quic_path_handler(ngx_event_t *ev)
 
     now = ngx_current_msec;
 
-    q = ngx_queue_head(&qc->paths);
+    path = qc->path;
 
-    while (q != ngx_queue_sentinel(&qc->paths)) {
+    if (path->state == NGX_QUIC_PATH_IDLE) {
+        goto done;
+    }
 
-        path = ngx_queue_data(q, ngx_quic_path_t, queue);
-        q = ngx_queue_next(q);
+    left = path->expires - now;
 
-        if (path->state == NGX_QUIC_PATH_IDLE) {
-            continue;
-        }
+    if (left > 0) {
+        goto done;
+    }
 
-        left = path->expires - now;
-
-        if (left > 0) {
-            continue;
+    switch (path->state) {
+    case NGX_QUIC_PATH_VALIDATING:
+        if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
+            goto failed;
         }
 
-        switch (path->state) {
-        case NGX_QUIC_PATH_VALIDATING:
-            if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
-                goto failed;
-            }
+        break;
 
-            break;
+    case NGX_QUIC_PATH_WAITING:
+        if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
+            goto failed;
+        }
 
-        case NGX_QUIC_PATH_WAITING:
-            if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
-                goto failed;
-            }
+        break;
 
-            break;
-
-        case NGX_QUIC_PATH_MTUD:
-            if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
-                goto failed;
-            }
+    case NGX_QUIC_PATH_MTUD:
+        if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
+            goto failed;
+        }
 
-            break;
+        break;
 
-        default:
-            break;
-        }
+    default:
+        break;
     }
 
+done:
+
     ngx_quic_set_path_timer(c);
 
     return;
@@ -769,6 +753,8 @@ ngx_quic_expire_path_validation(ngx_conn
         qc->path = bkp;
         qc->path->tag = NGX_QUIC_PATH_ACTIVE;
 
+        ngx_quic_set_path_timer(c);
+
         ngx_quic_set_connection_path(c, qc->path);
 
         ngx_log_error(NGX_LOG_INFO, c->log, 0,

From pluknet at nginx.com  Thu Aug 10 14:18:02 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 10 Aug 2023 18:18:02 +0400
Subject: [PATCH 4 of 4] QUIC: path MTU discovery
In-Reply-To: <20230810101847.cm67i7de54tloz2c@N00W24XTQX>
References: <patchbomb.1688651833@arut-laptop>
 <1a49fd5d2013b6c8d502.1688651837@arut-laptop>
 <E772A710-B4FC-4A53-8489-DEC5586B29E7@nginx.com>
 <20230731173420.v7dq7bktey2ox4s2@N00W24XTQX>
 <7AACA0BF-BDEA-4546-9673-27D57340EC1E@nginx.com>
 <20230810101847.cm67i7de54tloz2c@N00W24XTQX>
Message-ID: <CF75A620-01D9-46DA-B114-CFD7D18EAAE1@nginx.com>


> On 10 Aug 2023, at 14:21, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> On Tue, Aug 08, 2023 at 01:49:46PM +0400, Sergey Kandaurov wrote:
> Hi,
> 
>> 
>>> On 31 Jul 2023, at 21:34, Roman Arutyunyan <arut at nginx.com> wrote:
>>> 
>>> Hi,
>>> 
>>> On Fri, Jul 28, 2023 at 07:51:22PM +0400, Sergey Kandaurov wrote:
>>>> 
>>>>> On 6 Jul 2023, at 17:57, Roman Arutyunyan <arut at nginx.com> wrote:
>>>>> 
>>>>> # HG changeset patch
>>>>> # User Roman Arutyunyan <arut at nginx.com>
>>>>> # Date 1688481216 -14400
>>>>> #      Tue Jul 04 18:33:36 2023 +0400
>>>>> # Node ID 1a49fd5d2013b6c8d50263499e6ced440927e949
>>>>> # Parent  a1ea543d009311765144351b2557c00c8e6445bf
>>>>> QUIC: path MTU discovery.
>>>>> 
>>>>> MTU selection starts by stepping up until the first failure.  Then binary
>>>>> search is used to find the path MTU.
>>>>> 
>>>>> diff --git a/src/core/ngx_connection.c b/src/core/ngx_connection.c
>>>>> --- a/src/core/ngx_connection.c
>>>>> +++ b/src/core/ngx_connection.c
>>>>> @@ -1583,6 +1583,10 @@ ngx_connection_error(ngx_connection_t *c
>>>>>   }
>>>>> #endif
>>>>> 
>>>>> +    if (err == NGX_EMSGSIZE && c->log_error == NGX_ERROR_IGNORE_EMSGSIZE) {
>>>>> +        return 0;
>>>>> +    }
>>>>> +
>>>>>   if (err == 0
>>>>>       || err == NGX_ECONNRESET
>>>>> #if (NGX_WIN32)
>>>>> @@ -1600,6 +1604,7 @@ ngx_connection_error(ngx_connection_t *c
>>>>>   {
>>>>>       switch (c->log_error) {
>>>>> 
>>>>> +        case NGX_ERROR_IGNORE_EMSGSIZE:
>>>>>       case NGX_ERROR_IGNORE_EINVAL:
>>>>>       case NGX_ERROR_IGNORE_ECONNRESET:
>>>>>       case NGX_ERROR_INFO:
>>>>> diff --git a/src/core/ngx_connection.h b/src/core/ngx_connection.h
>>>>> --- a/src/core/ngx_connection.h
>>>>> +++ b/src/core/ngx_connection.h
>>>>> @@ -97,7 +97,8 @@ typedef enum {
>>>>>   NGX_ERROR_ERR,
>>>>>   NGX_ERROR_INFO,
>>>>>   NGX_ERROR_IGNORE_ECONNRESET,
>>>>> -    NGX_ERROR_IGNORE_EINVAL
>>>>> +    NGX_ERROR_IGNORE_EINVAL,
>>>>> +    NGX_ERROR_IGNORE_EMSGSIZE
>>>>> } ngx_connection_log_error_e;
>>>>> 
>>>>> 
>>>>> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
>>>>> --- a/src/event/quic/ngx_event_quic.c
>>>>> +++ b/src/event/quic/ngx_event_quic.c
>>>>> @@ -149,11 +149,6 @@ ngx_quic_apply_transport_params(ngx_conn
>>>>>       ngx_log_error(NGX_LOG_INFO, c->log, 0,
>>>>>                     "quic maximum packet size is invalid");
>>>>>       return NGX_ERROR;
>>>>> -
>>>>> -    } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) {
>>>>> -        ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
>>>>> -        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>> -                       "quic client maximum packet size truncated");
>>>>>   }
>>>>> 
>>>>>   if (ctp->active_connection_id_limit < 2) {
>>>>> @@ -286,7 +281,7 @@ ngx_quic_new_connection(ngx_connection_t
>>>>> 
>>>>>   qc->path_validation.log = c->log;
>>>>>   qc->path_validation.data = c;
>>>>> -    qc->path_validation.handler = ngx_quic_path_validation_handler;
>>>>> +    qc->path_validation.handler = ngx_quic_path_handler;
>>>>> 
>>>>>   qc->conf = conf;
>>>>> 
>>>>> @@ -297,7 +292,7 @@ ngx_quic_new_connection(ngx_connection_t
>>>>>   ctp = &qc->ctp;
>>>>> 
>>>>>   /* defaults to be used before actual client parameters are received */
>>>>> -    ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
>>>>> +    ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE;
>>>>>   ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT;
>>>>>   ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY;
>>>>>   ctp->active_connection_id_limit = 2;
>>>>> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
>>>>> --- a/src/event/quic/ngx_event_quic_ack.c
>>>>> +++ b/src/event/quic/ngx_event_quic_ack.c
>>>>> @@ -229,6 +229,12 @@ ngx_quic_handle_ack_frame_range(ngx_conn
>>>>> 
>>>>>   qc = ngx_quic_get_connection(c);
>>>>> 
>>>>> +    if (ctx->level == ssl_encryption_application) {
>>>>> +        if (ngx_quic_handle_path_mtu_ack(c, qc->path, min, max) != NGX_OK) {
>>>>> +            return NGX_ERROR;
>>>>> +        }
>>>>> +    }
>>>>> +
>>>>>   st->max_pn = NGX_TIMER_INFINITE;
>>>>>   found = 0;
>>>>> 
>>>>> diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
>>>>> --- a/src/event/quic/ngx_event_quic_connection.h
>>>>> +++ b/src/event/quic/ngx_event_quic_connection.h
>>>>> @@ -66,6 +66,14 @@ typedef struct ngx_quic_keys_s        ng
>>>>> #define ngx_quic_get_socket(c)               ((ngx_quic_socket_t *)((c)->udp))
>>>>> 
>>>>> 
>>>>> +typedef enum {
>>>>> +    NGX_QUIC_PATH_IDLE = 0,
>>>>> +    NGX_QUIC_PATH_VALIDATING,
>>>>> +    NGX_QUIC_PATH_WAITING,
>>>>> +    NGX_QUIC_PATH_DISCOVERING_MTU
>>>> 
>>>> Nitpicking on too long name.
>>>> What about NGX_QUIC_PATH_MTUD or something.
>>> 
>>> OK, renamed.
>>> 
>>>>> +} ngx_quic_path_state_e;
>>>>> +
>>>>> +
>>>>> struct ngx_quic_client_id_s {
>>>>>   ngx_queue_t                       queue;
>>>>>   uint64_t                          seqnum;
>>>>> @@ -89,18 +97,22 @@ struct ngx_quic_path_s {
>>>>>   ngx_sockaddr_t                    sa;
>>>>>   socklen_t                         socklen;
>>>>>   ngx_quic_client_id_t             *cid;
>>>>> +    ngx_quic_path_state_e             state;
>>>>>   ngx_msec_t                        expires;
>>>>>   ngx_uint_t                        tries;
>>>>>   ngx_uint_t                        tag;
>>>>> +    size_t                            mtu;
>>>>> +    size_t                            mtud;
>>>>> +    size_t                            max_mtu;
>>>>>   off_t                             sent;
>>>>>   off_t                             received;
>>>>>   u_char                            challenge1[8];
>>>>>   u_char                            challenge2[8];
>>>>>   uint64_t                          seqnum;
>>>>> +    uint64_t                          mtu_pnum[NGX_QUIC_PATH_RETRIES];
>>>>>   ngx_str_t                         addr_text;
>>>>>   u_char                            text[NGX_SOCKADDR_STRLEN];
>>>>> -    unsigned                          validated:1;
>>>>> -    unsigned                          validating:1;
>>>>> +    ngx_uint_t                        validated; /* unsigned validated:1; */
>>>>> };
>>>>> 
>>>>> 
>>>>> diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
>>>>> --- a/src/event/quic/ngx_event_quic_migration.c
>>>>> +++ b/src/event/quic/ngx_event_quic_migration.c
>>>>> @@ -10,6 +10,11 @@
>>>>> #include <ngx_event_quic_connection.h>
>>>>> 
>>>>> 
>>>>> +#define NGX_QUIC_PATH_MTU_DELAY       1000
>>>> 
>>>> The value looks too much,
>>>> it would delay each subsequent probe (which is not retry).
>>> 
>>> Probably the right value should be determined in real-life scenarios.
>> 
>> I'm quite skeptical about delayed probes, it has little to no benefit
>> for short connections with bulky transfers, as implemented, especially
>> with short MTU steps.  OTOH, immediate probes can lead to congestion
>> window starvation resulting in request processing slow down.
>> 
>> For the record,
>> https://www.ietf.org/proceedings/62/pmtud.html provides a discussion
>> about PMTUD, in particular, on search strategy and when to probe.
>> For the latter, it seems to articulate an opposite view, i.e. to send
>> probes ASAP.  Also, it raises a question how short lived connections
>> could benefit from PMTUD, e.g. by caching path MTU, which seems to
>> correspond to a shared PLPMTU state in RFC 8899.
>> 
>>> Let's decrease the value by a factor of 10 for now.
>> 
>> For a simple implementation, 100ms is a good enough trade-off, IMHO.
>> 
>>> 
>>>>> +#define NGX_QUIC_PATH_MTU_STEP        256
>>>>> +#define NGX_QUIC_PATH_MTU_PRECISION   16
>>>>> +
>>>>> +
>>>>> static void ngx_quic_set_connection_path(ngx_connection_t *c,
>>>>>   ngx_quic_path_t *path);
>>>>> static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
>>>>> @@ -17,7 +22,15 @@ static ngx_int_t ngx_quic_validate_path(
>>>>> static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
>>>>>   ngx_quic_path_t *path);
>>>>> static void ngx_quic_set_path_timer(ngx_connection_t *c);
>>>>> +static ngx_int_t ngx_quic_expire_path_validation(ngx_connection_t *c,
>>>>> +    ngx_quic_path_t *path);
>>>>> +static ngx_int_t ngx_quic_expire_path_mtu_delay(ngx_connection_t *c,
>>>>> +    ngx_quic_path_t *path);
>>>>> +static ngx_int_t ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c,
>>>>> +    ngx_quic_path_t *path);
>>>>> static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag);
>>>>> +static ngx_int_t ngx_quic_send_path_mtu_probe(ngx_connection_t *c,
>>>>> +    ngx_quic_path_t *path);
>>>>> 
>>>>> 
>>>>> ngx_int_t
>>>>> @@ -97,7 +110,7 @@ ngx_quic_handle_path_response_frame(ngx_
>>>>>   {
>>>>>       path = ngx_queue_data(q, ngx_quic_path_t, queue);
>>>>> 
>>>>> -        if (!path->validating) {
>>>>> +        if (path->state != NGX_QUIC_PATH_VALIDATING) {
>>>>>           continue;
>>>>>       }
>>>>> 
>>>>> @@ -136,6 +149,9 @@ valid:
>>>>>       {
>>>>>           /* address did not change */
>>>>>           rst = 0;
>>>>> +
>>>>> +            path->mtu = prev->mtu;
>>>>> +            path->max_mtu = prev->max_mtu;
>>>>>       }
>>>>>   }
>>>>> 
>>>>> @@ -167,9 +183,8 @@ valid:
>>>>>   ngx_quic_path_dbg(c, "is validated", path);
>>>>> 
>>>>>   path->validated = 1;
>>>>> -    path->validating = 0;
>>>>> 
>>>>> -    ngx_quic_set_path_timer(c);
>>>>> +    ngx_quic_discover_path_mtu(c, path);
>>>>> 
>>>>>   return NGX_OK;
>>>>> }
>>>>> @@ -217,6 +232,8 @@ ngx_quic_new_path(ngx_connection_t *c,
>>>>>   path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
>>>>>                                       NGX_SOCKADDR_STRLEN, 1);
>>>>> 
>>>>> +    path->mtu = NGX_QUIC_MIN_INITIAL_SIZE;
>>>>> +
>>>>>   ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>>                  "quic path seq:%uL created addr:%V",
>>>>>                  path->seqnum, &path->addr_text);
>>>>> @@ -464,7 +481,7 @@ ngx_quic_handle_migration(ngx_connection
>>>>> 
>>>>>   ngx_quic_set_connection_path(c, next);
>>>>> 
>>>>> -    if (!next->validated && !next->validating) {
>>>>> +    if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) {
>>>>>       if (ngx_quic_validate_path(c, next) != NGX_OK) {
>>>>>           return NGX_ERROR;
>>>>>       }
>>>>> @@ -492,7 +509,6 @@ ngx_quic_validate_path(ngx_connection_t 
>>>>>   ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>>                  "quic initiated validation of path seq:%uL", path->seqnum);
>>>>> 
>>>>> -    path->validating = 1;
>>>>>   path->tries = 0;
>>>>> 
>>>>>   if (RAND_bytes(path->challenge1, 8) != 1) {
>>>>> @@ -511,6 +527,7 @@ ngx_quic_validate_path(ngx_connection_t 
>>>>>   pto = ngx_max(ngx_quic_pto(c, ctx), 1000);
>>>>> 
>>>>>   path->expires = ngx_current_msec + pto;
>>>>> +    path->state = NGX_QUIC_PATH_VALIDATING;
>>>>> 
>>>>>   ngx_quic_set_path_timer(c);
>>>>> 
>>>>> @@ -558,6 +575,42 @@ ngx_quic_send_path_challenge(ngx_connect
>>>>> }
>>>>> 
>>>>> 
>>>>> +void
>>>>> +ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path)
>>>>> +{
>>>>> +    ngx_quic_connection_t  *qc;
>>>>> +
>>>>> +    qc = ngx_quic_get_connection(c);
>>>>> +
>>>>> +    if (path->max_mtu) {
>>>>> +        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
>>>>> +            path->state = NGX_QUIC_PATH_IDLE;
>>>>> +            ngx_quic_set_path_timer(c);
>>>>> +            return;
>>>>> +        }
>>>>> +
>>>>> +        path->mtud = (path->mtu + path->max_mtu) / 2;
>>>>> +
>>>>> +    } else {
>>>>> +        path->mtud = path->mtu + NGX_QUIC_PATH_MTU_STEP;
>>>> 
>>>> I like this approach, compared to multiplying probe steps.
>>>> This better fits to the pattern to keep around a well-known
>>>> initial value, which is typically 1500 bytes.
>>>> Another one could be to let user specify its own initial
>>>> value for cases when he knows well its network environment.
>>>> 
>>>>> +
>>>>> +        if (path->mtud >= qc->ctp.max_udp_payload_size) {
>>>>> +            path->mtud = qc->ctp.max_udp_payload_size;
>>>>> +            path->max_mtu = qc->ctp.max_udp_payload_size;
>>>>> +        }
>>>>> +    }
>>>>> +
>>>>> +    path->state = NGX_QUIC_PATH_WAITING;
>>>>> +    path->expires = ngx_current_msec + NGX_QUIC_PATH_MTU_DELAY;
>>>>> +
>>>>> +    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>> +                   "quic path seq:%uL schedule mtu:%uz",
>>>>> +                   path->seqnum, path->mtud);
>>>>> +
>>>>> +    ngx_quic_set_path_timer(c);
>>>>> +}
>>>>> +
>>>>> +
>>>>> static void
>>>>> ngx_quic_set_path_timer(ngx_connection_t *c)
>>>>> {
>>>>> @@ -578,7 +631,7 @@ ngx_quic_set_path_timer(ngx_connection_t
>>>>>   {
>>>>>       path = ngx_queue_data(q, ngx_quic_path_t, queue);
>>>>> 
>>>>> -        if (!path->validating) {
>>>>> +        if (path->state == NGX_QUIC_PATH_IDLE) {
>>>>>           continue;
>>>>>       }
>>>>> 
>>>>> @@ -600,22 +653,18 @@ ngx_quic_set_path_timer(ngx_connection_t
>>>>> 
>>>>> 
>>>>> void
>>>>> -ngx_quic_path_validation_handler(ngx_event_t *ev)
>>>>> +ngx_quic_path_handler(ngx_event_t *ev)
>>>>> {
>>>>>   ngx_msec_t              now;
>>>>>   ngx_queue_t            *q;
>>>>> -    ngx_msec_int_t          left, next, pto;
>>>>> -    ngx_quic_path_t        *path, *bkp;
>>>>> +    ngx_msec_int_t          left;
>>>>> +    ngx_quic_path_t        *path;
>>>>>   ngx_connection_t       *c;
>>>>> -    ngx_quic_send_ctx_t    *ctx;
>>>>>   ngx_quic_connection_t  *qc;
>>>>> 
>>>>>   c = ev->data;
>>>>>   qc = ngx_quic_get_connection(c);
>>>>> 
>>>>> -    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>>>> -
>>>>> -    next = -1;
>>>>>   now = ngx_current_msec;
>>>>> 
>>>>>   q = ngx_queue_head(&qc->paths);
>>>>> @@ -625,83 +674,274 @@ ngx_quic_path_validation_handler(ngx_eve
>>>>>       path = ngx_queue_data(q, ngx_quic_path_t, queue);
>>>>>       q = ngx_queue_next(q);
>>>>> 
>>>>> -        if (!path->validating) {
>>>>> +        if (path->state == NGX_QUIC_PATH_IDLE) {
>>>>>           continue;
>>>>>       }
>>>>> 
>>>>>       left = path->expires - now;
>>>>> 
>>>>>       if (left > 0) {
>>>>> -
>>>>> -            if (next == -1 || left < next) {
>>>>> -                next = left;
>>>>> -            }
>>>>> -
>>>>> -            continue;
>>>>> -        }
>>>>> -
>>>>> -        if (++path->tries < NGX_QUIC_PATH_RETRIES) {
>>>>> -            pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
>>>>> -
>>>>> -            path->expires = ngx_current_msec + pto;
>>>>> -
>>>>> -            if (next == -1 || pto < next) {
>>>>> -                next = pto;
>>>>> -            }
>>>>> -
>>>>> -            /* retransmit */
>>>>> -            (void) ngx_quic_send_path_challenge(c, path);
>>>>> -
>>>>>           continue;
>>>>>       }
>>>>> 
>>>>> -        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
>>>>> -                       "quic path seq:%uL validation failed", path->seqnum);
>>>>> +        switch (path->state) {
>>>>> +        case NGX_QUIC_PATH_VALIDATING:
>>>>> +             if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
>>>>> +                goto failed;
>>>>> +            }
>>>>> +
>>>>> +            break;
>>>>> +
>>>>> +        case NGX_QUIC_PATH_WAITING:
>>>>> +            if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
>>>>> +                goto failed;
>>>>> +            }
>>>>> +
>>>>> +            break;
>>>>> +
>>>>> +        case NGX_QUIC_PATH_DISCOVERING_MTU:
>>>>> +            if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
>>>>> +                goto failed;
>>>>> +             }
>>>>> +
>>>>> +            break;
>>>>> +
>>>> 
>>>> indentation in several places here
>>> 
>>> Fixed, thanks.
>>> 
>>>>> +        default:
>>>>> +            break;
>>>>> +         }
>>>>> +     }
>>>>> +
>>>>> +    ngx_quic_set_path_timer(c);
>>>>> +
>>>>> +    return;
>>>>> 
>>>>> -        /* found expired path */
>>>>> +failed:
>>>>> +
>>>>> +    ngx_quic_close_connection(c, NGX_ERROR);
>>>>> +}
>>>>> +
>>>>> +
>>>>> +static ngx_int_t
>>>>> +ngx_quic_expire_path_validation(ngx_connection_t *c, ngx_quic_path_t *path)
>>>>> +{
>>>>> +    ngx_msec_int_t          pto;
>>>>> +    ngx_quic_path_t        *bkp;
>>>>> +    ngx_quic_send_ctx_t    *ctx;
>>>>> +    ngx_quic_connection_t  *qc;
>>>>> 
>>>>> -        path->validated = 0;
>>>>> -        path->validating = 0;
>>>>> +    qc = ngx_quic_get_connection(c);
>>>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>>>> +
>>>>> +    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
>>>>> +        pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
>>>>> +        path->expires = ngx_current_msec + pto;
>>>>> +
>>>>> +        (void) ngx_quic_send_path_challenge(c, path);
>>>>> +
>>>>> +        return NGX_OK;
>>>>> +    }
>>>>> +
>>>>> +    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>> +                   "quic path seq:%uL validation failed", path->seqnum);
>>>>> +
>>>>> +    /* found expired path */
>>>>> +
>>>>> +    path->validated = 0;
>>>>> 
>>>>> 
>>>>> -        /* RFC 9000, 9.3.2.  On-Path Address Spoofing
>>>>> -         *
>>>>> -         * To protect the connection from failing due to such a spurious
>>>>> -         * migration, an endpoint MUST revert to using the last validated
>>>>> -         * peer address when validation of a new peer address fails.
>>>>> -         */
>>>>> -
>>>>> -        if (qc->path == path) {
>>>>> -            /* active path validation failed */
>>>>> -
>>>>> -            bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
>>>>> +    /* RFC 9000, 9.3.2.  On-Path Address Spoofing
>>>>> +     *
>>>>> +     * To protect the connection from failing due to such a spurious
>>>>> +     * migration, an endpoint MUST revert to using the last validated
>>>>> +     * peer address when validation of a new peer address fails.
>>>>> +     */
>>>>> 
>>>>> -            if (bkp == NULL) {
>>>>> -                qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
>>>>> -                qc->error_reason = "no viable path";
>>>>> -                ngx_quic_close_connection(c, NGX_ERROR);
>>>>> -                return;
>>>>> -            }
>>>>> +    if (qc->path == path) {
>>>>> +        /* active path validation failed */
>>>>> +
>>>>> +        bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
>>>>> 
>>>>> -            qc->path = bkp;
>>>>> -            qc->path->tag = NGX_QUIC_PATH_ACTIVE;
>>>>> -
>>>>> -            ngx_quic_set_connection_path(c, qc->path);
>>>>> -
>>>>> -            ngx_log_error(NGX_LOG_INFO, c->log, 0,
>>>>> -                          "quic path seq:%uL addr:%V is restored from backup",
>>>>> -                          qc->path->seqnum, &qc->path->addr_text);
>>>>> -
>>>>> -            ngx_quic_path_dbg(c, "is active", qc->path);
>>>>> +        if (bkp == NULL) {
>>>>> +            qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
>>>>> +            qc->error_reason = "no viable path";
>>>>> +            return NGX_ERROR;
>>>>>       }
>>>>> 
>>>>> -        if (ngx_quic_free_path(c, path) != NGX_OK) {
>>>>> -            ngx_quic_close_connection(c, NGX_ERROR);
>>>>> -            return;
>>>>> +        qc->path = bkp;
>>>>> +        qc->path->tag = NGX_QUIC_PATH_ACTIVE;
>>>>> +
>>>>> +        ngx_quic_set_connection_path(c, qc->path);
>>>>> +
>>>>> +        ngx_log_error(NGX_LOG_INFO, c->log, 0,
>>>>> +                      "quic path seq:%uL addr:%V is restored from backup",
>>>>> +                      qc->path->seqnum, &qc->path->addr_text);
>>>>> +
>>>>> +        ngx_quic_path_dbg(c, "is active", qc->path);
>>>>> +    }
>>>>> +
>>>>> +    return ngx_quic_free_path(c, path);
>>>>> +}
>>>>> +
>>>>> +
>>>>> +static ngx_int_t
>>>>> +ngx_quic_expire_path_mtu_delay(ngx_connection_t *c, ngx_quic_path_t *path)
>>>>> +{
>>>>> +    ngx_int_t               rc;
>>>>> +    ngx_uint_t              i;
>>>>> +    ngx_msec_t              pto;
>>>>> +    ngx_quic_send_ctx_t    *ctx;
>>>>> +    ngx_quic_connection_t  *qc;
>>>>> +
>>>>> +    qc = ngx_quic_get_connection(c);
>>>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>>>> +
>>>>> +    path->tries = 0;
>>>>> +
>>>>> +    for ( ;; ) {
>>>>> +
>>>>> +        for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
>>>>> +            path->mtu_pnum[i] = NGX_QUIC_UNSET_PN;
>>>>> +        }
>>>>> +
>>>>> +        rc = ngx_quic_send_path_mtu_probe(c, path);
>>>>> +
>>>>> +        if (rc == NGX_ERROR) {
>>>>> +            return NGX_ERROR;
>>>>> +        }
>>>>> +
>>>>> +        if (rc == NGX_OK) {
>>>>> +            pto = ngx_quic_pto(c, ctx);
>>>>> +            path->expires = ngx_current_msec + pto;
>>>>> +            path->state = NGX_QUIC_PATH_DISCOVERING_MTU;
>>>>> +            return NGX_OK;
>>>>> +        }
>>>>> +
>>>>> +        /* rc == NGX_DECLINED */
>>>>> +
>>>>> +        path->max_mtu = path->mtud;
>>>>> +
>>>>> +        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
>>>>> +            path->state = NGX_QUIC_PATH_IDLE;
>>>>> +            return NGX_OK;
>>>>> +        }
>>>>> +
>>>>> +        path->mtud = (path->mtu + path->max_mtu) / 2;
>>>>> +    }
>>>>> +}
>>>>> +
>>>>> +
>>>>> +static ngx_int_t
>>>>> +ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c, ngx_quic_path_t *path)
>>>>> +{
>>>>> +    ngx_int_t               rc;
>>>>> +    ngx_msec_int_t          pto;
>>>>> +    ngx_quic_send_ctx_t    *ctx;
>>>>> +    ngx_quic_connection_t  *qc;
>>>>> +
>>>>> +    qc = ngx_quic_get_connection(c);
>>>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>>>> +
>>>>> +    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
>>>>> +        pto = ngx_quic_pto(c, ctx) << path->tries;
>>>>> +        path->expires = ngx_current_msec + pto;
>>>>> +
>>>> 
>>>> Setting path->expires there seems useless.
>>>> It don't seem to be used in ngx_quic_send_path_mtu_probe(),
>>>> and ngx_quic_discover_path_mtu() used to reset path->expires.
>>> 
>>> If ngx_quic_send_path_mtu_probe() below returns NGX_OK, the path should stay
>>> in the same state, but expiration time should be advanced.  To make it
>>> more obvious, I changed this code.
>> 
>> Updated code makes it clear, thanks.
>> 
>>> 
>>>>> +        rc = ngx_quic_send_path_mtu_probe(c, path);
>>>>> +        if (rc != NGX_DECLINED) {
>>>>> +            return rc;
>>>>>       }
>>>>>   }
>>>>> 
>>>>> -    if (next != -1) {
>>>>> -        ngx_add_timer(&qc->path_validation, next);
>>>>> +    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>> +                   "quic path seq:%uL expired mtu:%uz",
>>>>> +                   path->seqnum, path->mtud);
>>>>> +
>>>>> +    path->max_mtu = path->mtud;
>>>>> +
>>>>> +    ngx_quic_discover_path_mtu(c, path);
>>>>> +
>>>>> +    return NGX_OK;
>>>>> +}
>>>>> +
>>>>> +
>>>>> +static ngx_int_t
>>>>> +ngx_quic_send_path_mtu_probe(ngx_connection_t *c, ngx_quic_path_t *path)
>>>>> +{
>>>>> +    ngx_int_t               rc;
>>>>> +    ngx_uint_t              log_error;
>>>>> +    ngx_quic_frame_t        frame;
>>>>> +    ngx_quic_send_ctx_t    *ctx;
>>>>> +    ngx_quic_connection_t  *qc;
>>>>> +
>>>>> +    ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
>>>>> +
>>>>> +    frame.level = ssl_encryption_application;
>>>>> +    frame.type = NGX_QUIC_FT_PING;
>>>>> +
>>>>> +    qc = ngx_quic_get_connection(c);
>>>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>>>> +    path->mtu_pnum[path->tries] = ctx->pnum;
>>>>> +
>>>>> +    ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>> +                   "quic path seq:%uL send probe "
>>>>> +                   "mtu:%uz pnum:%uL tries:%ui",
>>>>> +                   path->seqnum, path->mtud, ctx->pnum, path->tries);
>>>>> +
>>>>> +    log_error = c->log_error;
>>>>> +    c->log_error = NGX_ERROR_IGNORE_EMSGSIZE;
>>>>> +
>>>>> +    rc = ngx_quic_frame_sendto(c, &frame, path->mtud, path);
>>>>> +    c->log_error = log_error;
>>>>> +
>>>>> +    if (rc == NGX_ERROR) {
>>>>> +        if (c->write->error) {
>>>>> +            c->write->error = 0;
>>>>> +
>>>>> +            ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>> +                           "quic path seq:%uL rejected mtu:%uz",
>>>>> +                           path->seqnum, path->mtud);
>>>>> +
>>>>> +            return NGX_DECLINED;
>>>> 
>>>> The error handling looks awkward to decline on write error.
>>>> ngx_sendmsg() sets write error on fatal sendmsg errors,
>>>> and keeps it unset NGX_EAGAIN and NGX_EINTR, which
>>>> are typically non-fatal transient errors.
>>>> I understand this is done mostly to ignore EMSGSIZE,
>>>> maybe it makes sense to ignore the rest sendmsg() errors.
>>> 
>>> The problem is, the error doesn't make it to this point.  All be have here is
>>> NGX_ERROR and c->write->error.  I think, for PMTUD purposes we can safely
>>> ignore the errors.  It's hinghly likely, the error will repeat while doing
>>> connection I/O and we'll shortly close the connection.
>> 
>> Ok, I re-read ngx_sendmsg() to clarify the following:
>> - NGX_EINTR is handled internally and never returned up to here;
>> - NGX_EAGAIN (NGX_AGAIN) seems to be returned, at least on Linux,
>>  when send buffer is low for the MTU probe, converted to NGX_OK;
>> - FTR, looking at sosend_dgram() on FreeBSD, sendmsg seems to
>>  return EMSGSIZE there, instead, on low socket buffer space;
>> - other sendmsg errors are returned as NGX_ERROR, and
>>  c->write->error is set; this is converted to NGX_DECLINED;
>> - non-sendmsg NGX_ERRORs appeared in ngx_quic_frame_sendto()
>>  are passed as is without conversion.
>> 
>> So, the error handling as implemented to decline on any sendmsg
>> "fatal" errors actually makes sense, if we'd like to avoid rewriting
>> ngx_sendmsg() to further distinguish sendmsg errors, notably EMSGSIZE.
>> The downside is that connection may ignore actually fatal errors,
>> though the error will likely repeat on sending non-probing frames.
>> 
>> NGX_AGAIN conversion to NGX_OK is questionable, because this
>> makes a probe considered successfully sent while it is not.
>> I wonder though what we can do about that other than to simply
>> ignore, similar to other ngx_quic_frame_sendto() callers,
>> because next time on a probe retry sendmsg can return success.
> 
> Ignoring certain send error for probes is not a big deal since timeout
> expiration will lead to the same result eventually.
> 
>>>>> +        }
>>>>> +
>>>>> +        return NGX_ERROR;
>>>>>   }
>>>>> +
>>>>> +    return NGX_OK;
>>>>> }
>>>>> +
>>>>> +
>>>>> +ngx_int_t
>>>>> +ngx_quic_handle_path_mtu_ack(ngx_connection_t *c, ngx_quic_path_t *path,
>>>>> +    uint64_t min, uint64_t max)
>>>>> +{
>>>>> +    uint64_t    pnum;
>>>>> +    ngx_uint_t  i;
>>>>> +
>>>>> +    if (path->state != NGX_QUIC_PATH_DISCOVERING_MTU) {
>>>>> +        return NGX_OK;
>>>>> +    }
>>>>> +
>>>>> +    for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
>>>>> +        pnum = path->mtu_pnum[i];
>>>>> +
>>>>> +        if (pnum == NGX_QUIC_UNSET_PN) {
>>>>> +            break;
>>>>> +        }
>>>>> +
>>>>> +        if (pnum < min || pnum > max) {
>>>>> +            continue;
>>>>> +        }
>>>>> +
>>>>> +        path->mtu = path->mtud;
>>>>> +
>>>>> +        ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
>>>>> +                       "quic path seq:%uL ack mtu:%uz",
>>>>> +                       path->seqnum, path->mtu);
>>>>> +
>>>>> +        ngx_quic_discover_path_mtu(c, path);
>>>>> +
>>>>> +        break;
>>>> 
>>>> What if two probes appeared ACKed in one range.
>>>> Though that seems to be safe to break there, as two
>>>> probes barely have different probe sizes, rather retries.
>>> 
>>> No matter how many probes are acked, the next step is still the same.
>>> So there's no reason to find all of them.
>>> 
>> 
>> Ok, let's leave it as is.
>> 
>>>>> +    }
>>>>> +
>>>>> +    return NGX_OK;
>>>>> +}
>>>>> diff --git a/src/event/quic/ngx_event_quic_migration.h b/src/event/quic/ngx_event_quic_migration.h
>>>>> --- a/src/event/quic/ngx_event_quic_migration.h
>>>>> +++ b/src/event/quic/ngx_event_quic_migration.h
>>>>> @@ -18,10 +18,10 @@
>>>>> #define NGX_QUIC_PATH_BACKUP    2
>>>>> 
>>>>> #define ngx_quic_path_dbg(c, msg, path)                                       \
>>>>> -    ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
>>>>> -                   "quic path seq:%uL %s sent:%O recvd:%O state:%s%s",        \
>>>>> +    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
>>>>> +                   "quic path seq:%uL %s tx:%O rx:%O valid:%d st:%d mtu:%uz", \
>>>>>                  path->seqnum, msg, path->sent, path->received,             \
>>>>> -                   path->validated ? "V": "N", path->validating ? "R": "");
>>>>> +                   path->validated, path->state, path->mtu);
>>>>> 
>>>>> ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
>>>>>   ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f);
>>>>> @@ -36,6 +36,10 @@ ngx_int_t ngx_quic_set_path(ngx_connecti
>>>>> ngx_int_t ngx_quic_handle_migration(ngx_connection_t *c,
>>>>>   ngx_quic_header_t *pkt);
>>>>> 
>>>>> -void ngx_quic_path_validation_handler(ngx_event_t *ev);
>>>>> +void ngx_quic_path_handler(ngx_event_t *ev);
>>>>> +
>>>>> +void ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path);
>>>>> +ngx_int_t ngx_quic_handle_path_mtu_ack(ngx_connection_t *c,
>>>>> +    ngx_quic_path_t *path, uint64_t min, uint64_t max);
>>>> 
>>>> Nitpicking:
>>>> maybe just ngx_quic_handle_path_mtu() ?
>>>> This would match ngx_quic_discover_path_mtu() naming.
>>> 
>>> OK, renamed.
>>> 
>>>>> 
>>>>> #endif /* _NGX_EVENT_QUIC_MIGRATION_H_INCLUDED_ */
>>>>> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
>>>>> --- a/src/event/quic/ngx_event_quic_output.c
>>>>> +++ b/src/event/quic/ngx_event_quic_output.c
>>>>> @@ -10,9 +10,6 @@
>>>>> #include <ngx_event_quic_connection.h>
>>>>> 
>>>>> 
>>>>> -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT   1252
>>>>> -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT6  1232
>>>>> -
>>>>> #define NGX_QUIC_MAX_UDP_SEGMENT_BUF  65487 /* 65K - IPv6 header */
>>>>> #define NGX_QUIC_MAX_SEGMENTS            64 /* UDP_MAX_SEGMENTS */
>>>>> 
>>>>> @@ -61,21 +58,6 @@ static size_t ngx_quic_path_limit(ngx_co
>>>>>   size_t size);
>>>>> 
>>>>> 
>>>>> -size_t
>>>>> -ngx_quic_max_udp_payload(ngx_connection_t *c)
>>>>> -{
>>>>> -    /* TODO: path MTU discovery */
>>>>> -
>>>>> -#if (NGX_HAVE_INET6)
>>>>> -    if (c->sockaddr->sa_family == AF_INET6) {
>>>>> -        return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6;
>>>>> -    }
>>>>> -#endif
>>>>> -
>>>>> -    return NGX_QUIC_MAX_UDP_PAYLOAD_OUT;
>>>>> -}
>>>>> -
>>>>> -
>>>>> ngx_int_t
>>>>> ngx_quic_output(ngx_connection_t *c)
>>>>> {
>>>>> @@ -142,10 +124,7 @@ ngx_quic_create_datagrams(ngx_connection
>>>>> 
>>>>>       p = dst;
>>>>> 
>>>>> -        len = ngx_min(qc->ctp.max_udp_payload_size,
>>>>> -                      NGX_QUIC_MAX_UDP_PAYLOAD_SIZE);
>>>>> -
>>>>> -        len = ngx_quic_path_limit(c, path, len);
>>>>> +        len = ngx_quic_path_limit(c, path, path->mtu);
>>>>> 
>>>>>       pad = ngx_quic_get_padding_level(c);
>>>>> 
>>>>> @@ -299,9 +278,7 @@ ngx_quic_allow_segmentation(ngx_connecti
>>>>>   ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
>>>>> 
>>>>>   bytes = 0;
>>>>> -
>>>>> -    len = ngx_min(qc->ctp.max_udp_payload_size,
>>>>> -                  NGX_QUIC_MAX_UDP_SEGMENT_BUF);
>>>>> +    len = ngx_min(qc->path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
>>>>> 
>>>>>   for (q = ngx_queue_head(&ctx->frames);
>>>>>        q != ngx_queue_sentinel(&ctx->frames);
>>>>> @@ -345,8 +322,7 @@ ngx_quic_create_segments(ngx_connection_
>>>>>       return NGX_ERROR;
>>>>>   }
>>>>> 
>>>>> -    segsize = ngx_min(qc->ctp.max_udp_payload_size,
>>>>> -                      NGX_QUIC_MAX_UDP_SEGMENT_BUF);
>>>>> +    segsize = ngx_min(path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
>>>>>   p = dst;
>>>>>   end = dst + sizeof(dst);
>>>>> 
>>>>> diff --git a/src/event/quic/ngx_event_quic_output.h b/src/event/quic/ngx_event_quic_output.h
>>>>> --- a/src/event/quic/ngx_event_quic_output.h
>>>>> +++ b/src/event/quic/ngx_event_quic_output.h
>>>>> @@ -12,8 +12,6 @@
>>>>> #include <ngx_core.h>
>>>>> 
>>>>> 
>>>>> -size_t ngx_quic_max_udp_payload(ngx_connection_t *c);
>>>>> -
>>>>> ngx_int_t ngx_quic_output(ngx_connection_t *c);
>>>>> 
>>>>> ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c,
>>>>> diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
>>>>> --- a/src/event/quic/ngx_event_quic_ssl.c
>>>>> +++ b/src/event/quic/ngx_event_quic_ssl.c
>>>>> @@ -494,6 +494,8 @@ ngx_quic_crypto_input(ngx_connection_t *
>>>>>    */
>>>>>   ngx_quic_discard_ctx(c, ssl_encryption_handshake);
>>>>> 
>>>>> +    ngx_quic_discover_path_mtu(c, qc->path);
>>>>> +
>>>>>   /* start accepting clients on negotiated number of server ids */
>>>>>   if (ngx_quic_create_sockets(c) != NGX_OK) {
>>>>>       return NGX_ERROR;
>>>>> diff --git a/src/os/unix/ngx_errno.h b/src/os/unix/ngx_errno.h
>>>>> --- a/src/os/unix/ngx_errno.h
>>>>> +++ b/src/os/unix/ngx_errno.h
>>>>> @@ -54,6 +54,7 @@ typedef int               ngx_err_t;
>>>>> #define NGX_ENOMOREFILES  0
>>>>> #define NGX_ELOOP         ELOOP
>>>>> #define NGX_EBADF         EBADF
>>>>> +#define NGX_EMSGSIZE      EMSGSIZE
>>>>> 
>>>>> #if (NGX_HAVE_OPENAT)
>>>>> #define NGX_EMLINK        EMLINK
>> 
>> This will break on win32, an NGX_EMSGSIZE definition needs to be
>> provided there, which is WSAEMSGSIZE.
> 
> Thanks, fixed.
> 
>>> 
>>> The diff is attached.
>>> 
>> 
>> The diff looks good.
> 
> Also, with step-based mtu step updates, QUIC flood detection is triggered with
> the h3_keepalive.t on interfaces with large mtu.  I think, doubling mtu
> is a safer choice.

While optimizing for theoretical maximum is not something to accent,
it is certainly expected to work well on various links.  Below are some
numbers to consider, taken on various PMTU and interval/search strategy.

= 20 streams, 1mb response each, pmtu=65536 (sampled 3 times)

pn/ack  probes  last    total bytes

== 1000ms + 256
1       21      6.320   79.472
2       18      5.808   65.376
3       17      5.552   59.568
4       15      2.400   33.984

== 100ms + 256
1       263     65.500  8.962.971
2       256     65.500  8.708.555
3       268     65.500  9.188.363

== 100ms * 2
1       17-24   65.513    833.607-1.286.679
2       23-24   65.513  1.190.607-1.255.710
3       20-23   65.513    996.252-1.198.820
4       18      65.513    872.007

It is clearly seen from the above:
- "1000ms + 256" (baseline) does not converge after 20 MB
- "100ms + 256" converges but hits flood detection limit,
  which is 8 MB of probes if no stream traffic in the connection.
- "100ms * 2" results in ~ 1 MB of total probe traffic

This explains how h3_keepalive.t is failed.


Below "100ms * 2" is also seen with better avg payload size.
Compared with pto and ack-only packets cleared from raw data,
seen increased with "100ms * 2" if client ack's with frequency
less than on every second packet, which messed up avg stats.

= 20 streams, 1mb response each, pmtu=65536 (sampled 3 times)

pn/ack  pn      stat

== 1000ms + 256
1       N=8245  min=3  max=6033  m=2437 avg=2552  std=1750
2       N=8481  min=3  max=5733  m=2296 avg=2486  std=1453
3       N=8703  min=3  max=5517  m=2189 avg=2424  std=1361
4       N=11237 min=3 max=2349  m=2349 avg=1879   std=770

== 100ms + 256
1       N=3757  min=3 max=18573 m=3494 avg=5440   std=5226
2       N=3696  min=3 max=17037 m=4493 avg=5686   std=4475
3       N=3745  min=3 max=16525 m=4493 avg=5657   std=4308

== 100ms * 2
1       N=1956  min=3  max=65465 m=1165 avg=10757 std=23394
2       N=1150  min=3  max=65465 m=2320 avg=18264 std=26491
3       N=1411  min=3  max=65465 m=1165 avg=14879 std=25476
4       N=1691  min=3  max=65465 m=548  avg=12419 std=23854
== after clearing pto and ack-only
1*      N=1910  min=9  max=65465 m=1165 avg=11014 std=23612
2*      N=1095  min=10 max=65465 m=2365 avg=19181 std=26823
3*      N=1117  min=12 max=65465 m=2193 avg=18798 std=27320
4*      N=1145  min=9  max=65465 m=2365 avg=18333 std=27049

As seen from the above, "100ms * 2" represents worse median,
even with pto/ack-only cleared, which may be a sign of poor
packing to maximum packet size, resulting in short packets.


On a typical PMTU of up to 1500, the difference is leveled
(captured with pn/ack=2)

= 20 streams, 1mb response each, pmtu=1500 (sampled 3 times)

x 1000_256
+ 100_256
* 100_x2
    N           Min           Max        Median           Avg        Stddev
x 16443             3          1437          1437     1283.7392     414.27811
+ 16377             3          1437          1437     1288.8831     412.92124
No difference proven at 95.0% confidence
* 16398             3          1436          1436     1287.2667     413.79561
No difference proven at 95.0% confidence

pn/ack  probes  last    total bytes
== 1000ms + 256
2       6       1472    9232
== 100ms + 256
2       6       1472    9232
== 100ms * 2
2       8       1471    12889

> 
> Also, while looking in migration test logs, I thought it might be a good idea to
> only handle validation/mtu events for the currently active path.
> 

Can you elaborate?

> Including 3 patch updates:
> 
> - the last one + win32 fix + format fix in ngx_quic_path_dbg()
> - x2 mtu
> - single-path event handling
> 
> --
> Roman Arutyunyan
> <quic-pmtud-fix.txt><quic-pmtud-scale-x2.txt><quic-pmtud-fix-2.txt>_______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

-- 
Sergey Kandaurov

From pluknet at nginx.com  Thu Aug 10 15:48:33 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 10 Aug 2023 19:48:33 +0400
Subject: [PATCH 1 of 4] QUIC: optimized ACK delay
In-Reply-To: <2fd16fc76920ef0b8ea2.1690461756@plentiful-waterbuck>
References: <patchbomb.1690461755@plentiful-waterbuck>
 <2fd16fc76920ef0b8ea2.1690461756@plentiful-waterbuck>
Message-ID: <7A40A833-45C8-4AB7-A026-EADD1974CF75@nginx.com>


> On 27 Jul 2023, at 16:42, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1690461437 -14400
> #      Thu Jul 27 16:37:17 2023 +0400
> # Node ID 2fd16fc76920ef0b8ea2fa64858934e38c4477c5
> # Parent  904c99bede1770d92566b56939c5b6ec85f05b55
> QUIC: optimized ACK delay.
> 
> Previously ACK was not generated if max_ack_delay was not yet expired and the
> number of unacknowledged ack-eliciting packets was less than two, as allowed by
> RFC 9000 13.2.1-13.2.2.  However this only makes sense to avoid sending ACK-only
> packets, as explained by the RFC:
> 
>  On the other hand, reducing the frequency of packets that carry only
>  acknowledgments reduces packet transmission and processing cost at both
>  endpoints.
> 
> Now ACK is delayed only if output frame queue is empty.  Otherwise ACK is sent
> immediately, which significantly improves QUIC performance with certain tests.
> 
> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
> --- a/src/event/quic/ngx_event_quic_ack.c
> +++ b/src/event/quic/ngx_event_quic_ack.c
> @@ -1171,7 +1171,8 @@ ngx_quic_generate_ack(ngx_connection_t *
>         delay = ngx_current_msec - ctx->ack_delay_start;
>         qc = ngx_quic_get_connection(c);
> 
> -        if (ctx->send_ack < NGX_QUIC_MAX_ACK_GAP
> +        if (ngx_queue_empty(&ctx->frames)
> +            && ctx->send_ack < NGX_QUIC_MAX_ACK_GAP
>             && delay < qc->tp.max_ack_delay)
>         {
>             if (!qc->push.timer_set && !qc->closing) {

Looks good.

-- 
Sergey Kandaurov

From pluknet at nginx.com  Thu Aug 10 16:02:06 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 10 Aug 2023 20:02:06 +0400
Subject: [PATCH 2 of 4] QUIC: always add ACK frame to the queue head
In-Reply-To: <0d12ada84c168c62e9ba.1690461757@plentiful-waterbuck>
References: <patchbomb.1690461755@plentiful-waterbuck>
 <0d12ada84c168c62e9ba.1690461757@plentiful-waterbuck>
Message-ID: <0BCDC3BC-6BAB-4DF4-8C3D-D529008102C0@nginx.com>


> On 27 Jul 2023, at 16:42, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1690461509 -14400
> #      Thu Jul 27 16:38:29 2023 +0400
> # Node ID 0d12ada84c168c62e9bae847af2725641da583d0
> # Parent  2fd16fc76920ef0b8ea2fa64858934e38c4477c5
> QUIC: always add ACK frame to the queue head.
> 
> Previously it was added to the tail as all other frames.  However, if the
> amount of queued data is large, it could delay the delivery of ACK, which
> could trigger frames retransmissions and slow down the connection.
> 
> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
> --- a/src/event/quic/ngx_event_quic_output.c
> +++ b/src/event/quic/ngx_event_quic_output.c
> @@ -1175,7 +1175,9 @@ ngx_quic_send_ack(ngx_connection_t *c, n
>     frame->u.ack.range_count = ctx->nranges;
>     frame->u.ack.first_range = ctx->first_range;
> 
> -    ngx_quic_queue_frame(qc, frame);
> +    ngx_queue_insert_head(&ctx->frames, &frame->queue);
> +
> +    frame->len = ngx_quic_create_frame(NULL, frame);
> 
>     return NGX_OK;
> }

place frame->len first, to other frame assignments?

Otherwise, looks good.

-- 
Sergey Kandaurov

From pluknet at nginx.com  Thu Aug 10 16:21:03 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 10 Aug 2023 20:21:03 +0400
Subject: [PATCH 3 of 4] QUIC: fixed congesion control in GSO mode
In-Reply-To: <d8a6ec55938e9a4f1a84.1690461758@plentiful-waterbuck>
References: <patchbomb.1690461755@plentiful-waterbuck>
 <d8a6ec55938e9a4f1a84.1690461758@plentiful-waterbuck>
Message-ID: <3F148304-B8CF-454E-B551-7ABE451AB298@nginx.com>


> On 27 Jul 2023, at 16:42, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1690450542 -14400
> #      Thu Jul 27 13:35:42 2023 +0400
> # Node ID d8a6ec55938e9a4f1a84c825d9c6abe13aa8b791
> # Parent  0d12ada84c168c62e9bae847af2725641da583d0
> QUIC: fixed congesion control in GSO mode.
> 
> In non-GSO mode, a datagram is sent if congestion window is not exceeded by the
> time of send.  The window could be exceeded by a small amount after the send.
> In GSO mode, congestion window was checked in a similar way, but for all
> concatenated datagrams as a whole.  This could result in exceeding congestion
> window by a lot.  Now congestion window is checked for every datagram in GSO
> mode as well.
> 
> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
> --- a/src/event/quic/ngx_event_quic_output.c
> +++ b/src/event/quic/ngx_event_quic_output.c
> @@ -358,7 +358,7 @@ ngx_quic_create_segments(ngx_connection_
> 
>         len = ngx_min(segsize, (size_t) (end - p));
> 
> -        if (len && cg->in_flight < cg->window) {
> +        if (len && cg->in_flight + (p - dst) < cg->window) {
> 
>             n = ngx_quic_output_packet(c, ctx, p, len, len);
>             if (n == NGX_ERROR) {

So ngx_quic_commit_send() is called just once all data
is prepared to be sent in ngx_quic_send_segments().

I think the change is good, though it introduces a subtle diff
compared to cg->in_flight check in ngx_quic_create_datagrams(),
now we will need to take into account.

-- 
Sergey Kandaurov

From vl at inspert.ru  Thu Aug 10 16:26:48 2023
From: vl at inspert.ru (Vladimir Homutov)
Date: Thu, 10 Aug 2023 19:26:48 +0300
Subject: [PATCH 2 of 4] QUIC: always add ACK frame to the queue head
In-Reply-To: <0BCDC3BC-6BAB-4DF4-8C3D-D529008102C0@nginx.com>
References: <patchbomb.1690461755@plentiful-waterbuck>
 <0d12ada84c168c62e9ba.1690461757@plentiful-waterbuck>
 <0BCDC3BC-6BAB-4DF4-8C3D-D529008102C0@nginx.com>
Message-ID: <ZNUPyJKah646hZ7p@vlws>

On Thu, Aug 10, 2023 at 08:02:06PM +0400, Sergey Kandaurov wrote:
>
> > On 27 Jul 2023, at 16:42, Roman Arutyunyan <arut at nginx.com> wrote:
> >
> > # HG changeset patch
> > # User Roman Arutyunyan <arut at nginx.com>
> > # Date 1690461509 -14400
> > #      Thu Jul 27 16:38:29 2023 +0400
> > # Node ID 0d12ada84c168c62e9bae847af2725641da583d0
> > # Parent  2fd16fc76920ef0b8ea2fa64858934e38c4477c5
> > QUIC: always add ACK frame to the queue head.
> >
> > Previously it was added to the tail as all other frames.  However, if the
> > amount of queued data is large, it could delay the delivery of ACK, which
> > could trigger frames retransmissions and slow down the connection.
> >
> > diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
> > --- a/src/event/quic/ngx_event_quic_output.c
> > +++ b/src/event/quic/ngx_event_quic_output.c
> > @@ -1175,7 +1175,9 @@ ngx_quic_send_ack(ngx_connection_t *c, n
> >     frame->u.ack.range_count = ctx->nranges;
> >     frame->u.ack.first_range = ctx->first_range;
> >
> > -    ngx_quic_queue_frame(qc, frame);
> > +    ngx_queue_insert_head(&ctx->frames, &frame->queue);
> > +
> > +    frame->len = ngx_quic_create_frame(NULL, frame);
> >
> >     return NGX_OK;
> > }
>
> place frame->len first, to other frame assignments?
>
> Otherwise, looks good.

The ngx_quic_queue_frame() functions also posts the push event.

Most likely it will be set anyway, but formally the change missing it.

From pluknet at nginx.com  Thu Aug 10 16:30:55 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 10 Aug 2023 20:30:55 +0400
Subject: [PATCH 2 of 4] QUIC: always add ACK frame to the queue head
In-Reply-To: <ZNUPyJKah646hZ7p@vlws>
References: <patchbomb.1690461755@plentiful-waterbuck>
 <0d12ada84c168c62e9ba.1690461757@plentiful-waterbuck>
 <0BCDC3BC-6BAB-4DF4-8C3D-D529008102C0@nginx.com> <ZNUPyJKah646hZ7p@vlws>
Message-ID: <F335F210-4139-4626-AAC0-E8E3A7DE2583@nginx.com>


> On 10 Aug 2023, at 20:26, Vladimir Homutov via nginx-devel <nginx-devel at nginx.org> wrote:
> 
> On Thu, Aug 10, 2023 at 08:02:06PM +0400, Sergey Kandaurov wrote:
>> 
>>> On 27 Jul 2023, at 16:42, Roman Arutyunyan <arut at nginx.com> wrote:
>>> 
>>> # HG changeset patch
>>> # User Roman Arutyunyan <arut at nginx.com>
>>> # Date 1690461509 -14400
>>> #      Thu Jul 27 16:38:29 2023 +0400
>>> # Node ID 0d12ada84c168c62e9bae847af2725641da583d0
>>> # Parent  2fd16fc76920ef0b8ea2fa64858934e38c4477c5
>>> QUIC: always add ACK frame to the queue head.
>>> 
>>> Previously it was added to the tail as all other frames.  However, if the
>>> amount of queued data is large, it could delay the delivery of ACK, which
>>> could trigger frames retransmissions and slow down the connection.
>>> 
>>> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
>>> --- a/src/event/quic/ngx_event_quic_output.c
>>> +++ b/src/event/quic/ngx_event_quic_output.c
>>> @@ -1175,7 +1175,9 @@ ngx_quic_send_ack(ngx_connection_t *c, n
>>>    frame->u.ack.range_count = ctx->nranges;
>>>    frame->u.ack.first_range = ctx->first_range;
>>> 
>>> -    ngx_quic_queue_frame(qc, frame);
>>> +    ngx_queue_insert_head(&ctx->frames, &frame->queue);
>>> +
>>> +    frame->len = ngx_quic_create_frame(NULL, frame);
>>> 
>>>    return NGX_OK;
>>> }
>> 
>> place frame->len first, to other frame assignments?
>> 
>> Otherwise, looks good.
> 
> The ngx_quic_queue_frame() functions also posts the push event.
> 
> Most likely it will be set anyway, but formally the change missing it.

Yes, post is missed now, thanks for noting.
I believe Roman did so for a reason, because ngx_quic_send_ack() is
called from send data path, so I think this should be safe.

-- 
Sergey Kandaurov

From pluknet at nginx.com  Sat Aug 12 13:27:46 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Sat, 12 Aug 2023 17:27:46 +0400
Subject: [PATCH 1 of 5] QUIC: avoid accessing freed frame
In-Reply-To: <5b91a40f2dd249000e92.1690875912@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
 <5b91a40f2dd249000e92.1690875912@plentiful-waterbuck>
Message-ID: <CC79BEDC-FED9-4A44-ADB2-99C72CB87F7B@nginx.com>


> On 1 Aug 2023, at 11:45, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1690874404 -14400
> #      Tue Aug 01 11:20:04 2023 +0400
> # Node ID 5b91a40f2dd249000e9208a0152dc5cc0c6ea0c4
> # Parent  4f078be6e2ed08643371a3956f5f18f2357a38db
> QUIC: avoid accessing freed frame.
> 
> Previously the field pnum of a potentially freed frame was accessed.  Now the
> value is copied to a local variable.  The old behavior did not cause any
> problems since the frame memory is not freed, but is moved to a free queue
> instead.
> 
> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
> --- a/src/event/quic/ngx_event_quic_ack.c
> +++ b/src/event/quic/ngx_event_quic_ack.c
> @@ -548,6 +548,7 @@ ngx_quic_persistent_congestion(ngx_conne
> void
> ngx_quic_resend_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx)
> {
> +    uint64_t                pnum;
>     ngx_queue_t            *q;
>     ngx_quic_frame_t       *f, *start;
>     ngx_quic_stream_t      *qs;
> @@ -556,6 +557,7 @@ ngx_quic_resend_frames(ngx_connection_t 
>     qc = ngx_quic_get_connection(c);
>     q = ngx_queue_head(&ctx->sent);
>     start = ngx_queue_data(q, ngx_quic_frame_t, queue);
> +    pnum = start->pnum;
> 
>     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
>                    "quic resend packet pnum:%uL", start->pnum);
> @@ -565,7 +567,7 @@ ngx_quic_resend_frames(ngx_connection_t 
>     do {
>         f = ngx_queue_data(q, ngx_quic_frame_t, queue);
> 
> -        if (f->pnum != start->pnum) {
> +        if (f->pnum != pnum) {
>             break;
>         }
> 

Looks good.

-- 
Sergey Kandaurov

From pluknet at nginx.com  Sat Aug 12 13:28:06 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Sat, 12 Aug 2023 17:28:06 +0400
Subject: [PATCH 2 of 5] QUIC: eliminated spurious recovery period
In-Reply-To: <a53bbd94a0fa436535ee.1690875913@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
 <a53bbd94a0fa436535ee.1690875913@plentiful-waterbuck>
Message-ID: <3F5CB1EC-9262-43A9-B75C-2DAF613458B4@nginx.com>


> On 1 Aug 2023, at 11:45, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1690874486 -14400
> #      Tue Aug 01 11:21:26 2023 +0400
> # Node ID a53bbd94a0fa436535ee3bbcb6176befdf47c68a
> # Parent  5b91a40f2dd249000e9208a0152dc5cc0c6ea0c4
> QUIC: eliminated spurious recovery period.
> 
> The initial value for recovery_start used to be the current time.  As a result,
> the packets sent at the very beginning of a connection belonged to a recovery
> period and their ACKs were treated accordingly. The issue manifested itself with
> "quic congestion ack recovery" log messages and slower growth of congestion
> window.  Now the initial value for recovery_start is set to an earlier time,
> which fixes the spurious recovery period.
> 
> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> --- a/src/event/quic/ngx_event_quic.c
> +++ b/src/event/quic/ngx_event_quic.c
> @@ -315,7 +315,7 @@ ngx_quic_new_connection(ngx_connection_t
>                                     ngx_max(2 * qc->tp.max_udp_payload_size,
>                                             14720));
>     qc->congestion.ssthresh = (size_t) -1;
> -    qc->congestion.recovery_start = ngx_current_msec;
> +    qc->congestion.recovery_start = ngx_current_msec - 1;
> 
>     if (pkt->validated && pkt->retried) {
>         qc->tp.retry_scid.len = pkt->dcid.len;

This also needs to be adjusted for a new path and
when entering persistent congestion, per 9002, fig.1.
The former can be seen with quic_migration.t.

-- 
Sergey Kandaurov

From pluknet at nginx.com  Sat Aug 12 15:08:44 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Sat, 12 Aug 2023 19:08:44 +0400
Subject: [PATCH 3 of 5] QUIC: fixed PTO expiration condition
In-Reply-To: <741deb8ff8257914312a.1690875914@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
 <741deb8ff8257914312a.1690875914@plentiful-waterbuck>
Message-ID: <490D6151-A5CB-4B21-B293-24311D721A24@nginx.com>


> On 1 Aug 2023, at 11:45, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1690874519 -14400
> #      Tue Aug 01 11:21:59 2023 +0400
> # Node ID 741deb8ff8257914312ab134f3a0b69256c661f4
> # Parent  a53bbd94a0fa436535ee3bbcb6176befdf47c68a
> QUIC: fixed PTO expiration condition.
> 
> Previously, PTO handler analyzed the first packet in the sent queue for the
> timeout expiration.  However, the last sent packet should be analyzed instead.
> An example is timeout calculation in ngx_quic_set_lost_timer().
> 
> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
> --- a/src/event/quic/ngx_event_quic_ack.c
> +++ b/src/event/quic/ngx_event_quic_ack.c
> @@ -840,7 +840,7 @@ ngx_quic_pto_handler(ngx_event_t *ev)
>             continue;
>         }
> 
> -        q = ngx_queue_head(&ctx->sent);
> +        q = ngx_queue_last(&ctx->sent);
>         f = ngx_queue_data(q, ngx_quic_frame_t, queue);
> 
>         if (f->pnum <= ctx->largest_ack

Looks good.

-- 
Sergey Kandaurov

From pluknet at nginx.com  Sun Aug 13 20:18:48 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Mon, 14 Aug 2023 00:18:48 +0400
Subject: [PATCH 4 of 5] QUIC: fixed probe-congestion deadlock
In-Reply-To: <cd0ef56b0f1afaa54d7d.1690875915@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
 <cd0ef56b0f1afaa54d7d.1690875915@plentiful-waterbuck>
Message-ID: <A805E045-FA5B-49A3-A28E-2A4CB1B6881E@nginx.com>


> On 1 Aug 2023, at 11:45, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1690873324 -14400
> #      Tue Aug 01 11:02:04 2023 +0400
> # Node ID cd0ef56b0f1afaa54d7d2756dad2182628445e04
> # Parent  741deb8ff8257914312ab134f3a0b69256c661f4
> QUIC: fixed probe-congestion deadlock.
> 
> When probe timeout expired while congestion window was exhausted, probe PINGs
> could not be sent.  As a result, lost packets could not be declared lost and
> congestion window could not be freed for new packets.  This deadlock
> continued until connection idle timeout expiration.
> 
> Now PINGs are sent separately from the frame queue without congestion control.

Which is supported by this clause in RFC 9002, section 7:

An endpoint MUST NOT send a packet if it would cause bytes_in_flight (see
Appendix B.2) to be larger than the congestion window, unless the packet
is sent on a PTO timer expiration

> 
> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
> --- a/src/event/quic/ngx_event_quic_ack.c
> +++ b/src/event/quic/ngx_event_quic_ack.c
> @@ -820,9 +820,9 @@ ngx_quic_pto_handler(ngx_event_t *ev)
> {
>     ngx_uint_t              i;
>     ngx_msec_t              now;
> -    ngx_queue_t            *q, *next;
> +    ngx_queue_t            *q;
>     ngx_connection_t       *c;
> -    ngx_quic_frame_t       *f;
> +    ngx_quic_frame_t       *f, frame;
>     ngx_quic_send_ctx_t    *ctx;
>     ngx_quic_connection_t  *qc;
> 
> @@ -859,63 +859,23 @@ ngx_quic_pto_handler(ngx_event_t *ev)
>                        "quic pto %s pto_count:%ui",
>                        ngx_quic_level_name(ctx->level), qc->pto_count);
> 
> -        for (q = ngx_queue_head(&ctx->frames);
> -             q != ngx_queue_sentinel(&ctx->frames);
> -             /* void */)
> -        {
> -            next = ngx_queue_next(q);
> -            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
> +        ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
> 
> -            if (f->type == NGX_QUIC_FT_PING) {
> -                ngx_queue_remove(q);
> -                ngx_quic_free_frame(c, f);
> -            }
> -
> -            q = next;
> -        }
> -
> -        for (q = ngx_queue_head(&ctx->sent);
> -             q != ngx_queue_sentinel(&ctx->sent);
> -             /* void */)
> -        {
> -            next = ngx_queue_next(q);
> -            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
> +        frame.level = ctx->level;
> +        frame.type = NGX_QUIC_FT_PING;
> 
> -            if (f->type == NGX_QUIC_FT_PING) {
> -                ngx_quic_congestion_lost(c, f);
> -                ngx_queue_remove(q);
> -                ngx_quic_free_frame(c, f);
> -            }
> -
> -            q = next;
> -        }

Removing of handling PING frames in at least ctx->sent looks premature.
Consider PTO happened after sending PING in response to PATH_CHALLENGE
on an active path, as part of RFC 9000, 9.3.3.  In this case, such PING
won't be considered lost, which means we won't enter recovery period.

> -
> -        /* enforce 2 udp datagrams */

The comment is removed, though it's obvious now and should go probably.

> -
> -        f = ngx_quic_alloc_frame(c);
> -        if (f == NULL) {
> -            break;
> +        if (ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK
> +            || ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK)
> +        {
> +            ngx_quic_close_connection(c, NGX_ERROR);
> +            return;
>         }
> -
> -        f->level = ctx->level;
> -        f->type = NGX_QUIC_FT_PING;
> -        f->flush = 1;
> -
> -        ngx_quic_queue_frame(qc, f);
> -
> -        f = ngx_quic_alloc_frame(c);
> -        if (f == NULL) {
> -            break;
> -        }
> -
> -        f->level = ctx->level;
> -        f->type = NGX_QUIC_FT_PING;
> -
> -        ngx_quic_queue_frame(qc, f);
>     }
> 
>     qc->pto_count++;
> 
> +    ngx_quic_set_lost_timer(c);
> +
>     ngx_quic_connstate_dbg(c);
> }
> 
> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
> --- a/src/event/quic/ngx_event_quic_output.c
> +++ b/src/event/quic/ngx_event_quic_output.c
> @@ -645,10 +645,6 @@ ngx_quic_output_packet(ngx_connection_t 
>         f->plen = 0;
> 
>         nframes++;
> -
> -        if (f->flush) {
> -            break;
> -        }
>     }
> 
>     if (nframes == 0) {
> diff --git a/src/event/quic/ngx_event_quic_transport.h b/src/event/quic/ngx_event_quic_transport.h
> --- a/src/event/quic/ngx_event_quic_transport.h
> +++ b/src/event/quic/ngx_event_quic_transport.h
> @@ -271,7 +271,6 @@ struct ngx_quic_frame_s {
>     ssize_t                                     len;
>     unsigned                                    need_ack:1;
>     unsigned                                    pkt_need_ack:1;
> -    unsigned                                    flush:1;
> 
>     ngx_chain_t                                *data;
>     union {

Otherwise, looks good.

-- 
Sergey Kandaurov

From pluknet at nginx.com  Sun Aug 13 21:12:27 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Mon, 14 Aug 2023 01:12:27 +0400
Subject: [PATCH 5 of 5] QUIC: ignore blocked status in congestion event
 handlers
In-Reply-To: <80df0852e7ed58631025.1690875916@plentiful-waterbuck>
References: <patchbomb.1690875911@plentiful-waterbuck>
 <80df0852e7ed58631025.1690875916@plentiful-waterbuck>
Message-ID: <9518BCE1-23C5-4073-931E-A72B68C79860@nginx.com>


> On 1 Aug 2023, at 11:45, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1690874694 -14400
> #      Tue Aug 01 11:24:54 2023 +0400
> # Node ID 80df0852e7ed58631025398694da6dd4dab42611
> # Parent  cd0ef56b0f1afaa54d7d2756dad2182628445e04
> QUIC: ignore blocked status in congestion event handlers.
> 
> Sometimes, while congestion window allows to send more bytes, the next frame
> still cannot be sent since it's too big.  When this happens, push event is not
> triggered from congestion ack/loss event handlers which may delay packet send.
> 
> Now the blocked status is ignored and push event is always posted when
> congestion window grows bigger.

It would be nice to provide an example.
In my tests of a simple download without packet lost, I don't see that
additionally posted push events do any useful work, while the number
of posted events raised 2x.  Further, I failed to see how the change
would help, because push events are posted then directly from
ngx_quic_handle_ack_frame_range() and ngx_quic_resend_frames().

> 
> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
> --- a/src/event/quic/ngx_event_quic_ack.c
> +++ b/src/event/quic/ngx_event_quic_ack.c
> @@ -307,7 +307,6 @@ ngx_quic_handle_ack_frame_range(ngx_conn
> void
> ngx_quic_congestion_ack(ngx_connection_t *c, ngx_quic_frame_t *f)
> {
> -    ngx_uint_t              blocked;
>     ngx_msec_t              timer;
>     ngx_quic_congestion_t  *cg;
>     ngx_quic_connection_t  *qc;
> @@ -319,8 +318,6 @@ ngx_quic_congestion_ack(ngx_connection_t
>     qc = ngx_quic_get_connection(c);
>     cg = &qc->congestion;
> 
> -    blocked = (cg->in_flight >= cg->window) ? 1 : 0;
> -
>     cg->in_flight -= f->plen;
> 
>     timer = f->last - cg->recovery_start;
> @@ -358,7 +355,7 @@ ngx_quic_congestion_ack(ngx_connection_t
> 
> done:
> 
> -    if (blocked && cg->in_flight < cg->window) {
> +    if (cg->in_flight < cg->window) {
>         ngx_post_event(&qc->push, &ngx_posted_events);
>     }
> }
> @@ -648,7 +645,6 @@ ngx_quic_resend_frames(ngx_connection_t 
> static void
> ngx_quic_congestion_lost(ngx_connection_t *c, ngx_quic_frame_t *f)
> {
> -    ngx_uint_t              blocked;
>     ngx_msec_t              timer;
>     ngx_quic_congestion_t  *cg;
>     ngx_quic_connection_t  *qc;
> @@ -660,8 +656,6 @@ ngx_quic_congestion_lost(ngx_connection_
>     qc = ngx_quic_get_connection(c);
>     cg = &qc->congestion;
> 
> -    blocked = (cg->in_flight >= cg->window) ? 1 : 0;
> -
>     cg->in_flight -= f->plen;
>     f->plen = 0;
> 
> @@ -690,7 +684,7 @@ ngx_quic_congestion_lost(ngx_connection_
> 
> done:
> 
> -    if (blocked && cg->in_flight < cg->window) {
> +    if (cg->in_flight < cg->window) {
>         ngx_post_event(&qc->push, &ngx_posted_events);
>     }
> }
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

-- 
Sergey Kandaurov

From arut at nginx.com  Mon Aug 14 04:35:51 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 08:35:51 +0400
Subject: [PATCH 4 of 5] QUIC: fixed probe-congestion deadlock
In-Reply-To: <A805E045-FA5B-49A3-A28E-2A4CB1B6881E@nginx.com>
References: <patchbomb.1690875911@plentiful-waterbuck>
 <cd0ef56b0f1afaa54d7d.1690875915@plentiful-waterbuck>
 <A805E045-FA5B-49A3-A28E-2A4CB1B6881E@nginx.com>
Message-ID: <20230814043551.6mxdcvuiix4o6wyv@N00W24XTQX>

Hi,

On Mon, Aug 14, 2023 at 12:18:48AM +0400, Sergey Kandaurov wrote:
> 
> > On 1 Aug 2023, at 11:45, Roman Arutyunyan <arut at nginx.com> wrote:
> > 
> > # HG changeset patch
> > # User Roman Arutyunyan <arut at nginx.com>
> > # Date 1690873324 -14400
> > #      Tue Aug 01 11:02:04 2023 +0400
> > # Node ID cd0ef56b0f1afaa54d7d2756dad2182628445e04
> > # Parent  741deb8ff8257914312ab134f3a0b69256c661f4
> > QUIC: fixed probe-congestion deadlock.
> > 
> > When probe timeout expired while congestion window was exhausted, probe PINGs
> > could not be sent.  As a result, lost packets could not be declared lost and
> > congestion window could not be freed for new packets.  This deadlock
> > continued until connection idle timeout expiration.
> > 
> > Now PINGs are sent separately from the frame queue without congestion control.
> 
> Which is supported by this clause in RFC 9002, section 7:
> 
> An endpoint MUST NOT send a packet if it would cause bytes_in_flight (see
> Appendix B.2) to be larger than the congestion window, unless the packet
> is sent on a PTO timer expiration

Thanks.  Updated commit message:

QUIC: fixed probe-congestion deadlock.                                           
                                                                                 
When probe timeout expired while congestion window was exhausted, probe PINGs    
could not be sent.  As a result, lost packets could not be declared lost and     
congestion window could not be freed for new packets.  This deadlock             
continued until connection idle timeout expiration.                              
                                                                                 
Now PINGs are sent separately from the frame queue without congestion control,   
as specified by RFC 9002, Section 7:                                             
                                                                                 
  An endpoint MUST NOT send a packet if it would cause bytes_in_flight           
  (see Appendix B.2) to be larger than the congestion window, unless the         
  packet is sent on a PTO timer expiration (see Section 6.2) or when entering    
  recovery (see Section 7.3.2). 

> > diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
> > --- a/src/event/quic/ngx_event_quic_ack.c
> > +++ b/src/event/quic/ngx_event_quic_ack.c
> > @@ -820,9 +820,9 @@ ngx_quic_pto_handler(ngx_event_t *ev)
> > {
> >     ngx_uint_t              i;
> >     ngx_msec_t              now;
> > -    ngx_queue_t            *q, *next;
> > +    ngx_queue_t            *q;
> >     ngx_connection_t       *c;
> > -    ngx_quic_frame_t       *f;
> > +    ngx_quic_frame_t       *f, frame;
> >     ngx_quic_send_ctx_t    *ctx;
> >     ngx_quic_connection_t  *qc;
> > 
> > @@ -859,63 +859,23 @@ ngx_quic_pto_handler(ngx_event_t *ev)
> >                        "quic pto %s pto_count:%ui",
> >                        ngx_quic_level_name(ctx->level), qc->pto_count);
> > 
> > -        for (q = ngx_queue_head(&ctx->frames);
> > -             q != ngx_queue_sentinel(&ctx->frames);
> > -             /* void */)
> > -        {
> > -            next = ngx_queue_next(q);
> > -            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
> > +        ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
> > 
> > -            if (f->type == NGX_QUIC_FT_PING) {
> > -                ngx_queue_remove(q);
> > -                ngx_quic_free_frame(c, f);
> > -            }
> > -
> > -            q = next;
> > -        }
> > -
> > -        for (q = ngx_queue_head(&ctx->sent);
> > -             q != ngx_queue_sentinel(&ctx->sent);
> > -             /* void */)
> > -        {
> > -            next = ngx_queue_next(q);
> > -            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
> > +        frame.level = ctx->level;
> > +        frame.type = NGX_QUIC_FT_PING;
> > 
> > -            if (f->type == NGX_QUIC_FT_PING) {
> > -                ngx_quic_congestion_lost(c, f);
> > -                ngx_queue_remove(q);
> > -                ngx_quic_free_frame(c, f);
> > -            }
> > -
> > -            q = next;
> > -        }
> 
> Removing of handling PING frames in at least ctx->sent looks premature.
> Consider PTO happened after sending PING in response to PATH_CHALLENGE
> on an active path, as part of RFC 9000, 9.3.3.  In this case, such PING
> won't be considered lost, which means we won't enter recovery period.

The only reason why the code above was added was to prevent accumulation of
multiple PINGs in the queue on multiple PTO expirations.  Now that PINGs
are no longer queued, there's no problem.  The PINGs sent in response to
PATH_CHALLENGE will stay in the queue until they are finally sent.

> > -
> > -        /* enforce 2 udp datagrams */
> 
> The comment is removed, though it's obvious now and should go probably.
> 
> > -
> > -        f = ngx_quic_alloc_frame(c);
> > -        if (f == NULL) {
> > -            break;
> > +        if (ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK
> > +            || ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK)
> > +        {
> > +            ngx_quic_close_connection(c, NGX_ERROR);
> > +            return;
> >         }
> > -
> > -        f->level = ctx->level;
> > -        f->type = NGX_QUIC_FT_PING;
> > -        f->flush = 1;
> > -
> > -        ngx_quic_queue_frame(qc, f);
> > -
> > -        f = ngx_quic_alloc_frame(c);
> > -        if (f == NULL) {
> > -            break;
> > -        }
> > -
> > -        f->level = ctx->level;
> > -        f->type = NGX_QUIC_FT_PING;
> > -
> > -        ngx_quic_queue_frame(qc, f);
> >     }
> > 
> >     qc->pto_count++;
> > 
> > +    ngx_quic_set_lost_timer(c);
> > +
> >     ngx_quic_connstate_dbg(c);
> > }
> > 
> > diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
> > --- a/src/event/quic/ngx_event_quic_output.c
> > +++ b/src/event/quic/ngx_event_quic_output.c
> > @@ -645,10 +645,6 @@ ngx_quic_output_packet(ngx_connection_t 
> >         f->plen = 0;
> > 
> >         nframes++;
> > -
> > -        if (f->flush) {
> > -            break;
> > -        }
> >     }
> > 
> >     if (nframes == 0) {
> > diff --git a/src/event/quic/ngx_event_quic_transport.h b/src/event/quic/ngx_event_quic_transport.h
> > --- a/src/event/quic/ngx_event_quic_transport.h
> > +++ b/src/event/quic/ngx_event_quic_transport.h
> > @@ -271,7 +271,6 @@ struct ngx_quic_frame_s {
> >     ssize_t                                     len;
> >     unsigned                                    need_ack:1;
> >     unsigned                                    pkt_need_ack:1;
> > -    unsigned                                    flush:1;
> > 
> >     ngx_chain_t                                *data;
> >     union {
> 
> Otherwise, looks good.
> 
> -- 
> Sergey Kandaurov
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

From pluknet at nginx.com  Mon Aug 14 09:32:52 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Mon, 14 Aug 2023 13:32:52 +0400
Subject: [PATCH 4 of 5] QUIC: fixed probe-congestion deadlock
In-Reply-To: <20230814043551.6mxdcvuiix4o6wyv@N00W24XTQX>
References: <patchbomb.1690875911@plentiful-waterbuck>
 <cd0ef56b0f1afaa54d7d.1690875915@plentiful-waterbuck>
 <A805E045-FA5B-49A3-A28E-2A4CB1B6881E@nginx.com>
 <20230814043551.6mxdcvuiix4o6wyv@N00W24XTQX>
Message-ID: <24541F54-4621-4829-87AD-5CACF60D5CB5@nginx.com>


> On 14 Aug 2023, at 08:35, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> Hi,
> 
> On Mon, Aug 14, 2023 at 12:18:48AM +0400, Sergey Kandaurov wrote:
>> 
>>> On 1 Aug 2023, at 11:45, Roman Arutyunyan <arut at nginx.com> wrote:
>>> 
>>> # HG changeset patch
>>> # User Roman Arutyunyan <arut at nginx.com>
>>> # Date 1690873324 -14400
>>> #      Tue Aug 01 11:02:04 2023 +0400
>>> # Node ID cd0ef56b0f1afaa54d7d2756dad2182628445e04
>>> # Parent  741deb8ff8257914312ab134f3a0b69256c661f4
>>> QUIC: fixed probe-congestion deadlock.
>>> 
>>> When probe timeout expired while congestion window was exhausted, probe PINGs
>>> could not be sent.  As a result, lost packets could not be declared lost and
>>> congestion window could not be freed for new packets.  This deadlock
>>> continued until connection idle timeout expiration.
>>> 
>>> Now PINGs are sent separately from the frame queue without congestion control.
>> 
>> Which is supported by this clause in RFC 9002, section 7:
>> 
>> An endpoint MUST NOT send a packet if it would cause bytes_in_flight (see
>> Appendix B.2) to be larger than the congestion window, unless the packet
>> is sent on a PTO timer expiration
> 
> Thanks.  Updated commit message:
> 
> QUIC: fixed probe-congestion deadlock.                                           
> 
> When probe timeout expired while congestion window was exhausted, probe PINGs    
> could not be sent.  As a result, lost packets could not be declared lost and     
> congestion window could not be freed for new packets.  This deadlock             
> continued until connection idle timeout expiration.                              
> 
> Now PINGs are sent separately from the frame queue without congestion control,   
> as specified by RFC 9002, Section 7:                                             
> 
>  An endpoint MUST NOT send a packet if it would cause bytes_in_flight           
>  (see Appendix B.2) to be larger than the congestion window, unless the         
>  packet is sent on a PTO timer expiration (see Section 6.2) or when entering    
>  recovery (see Section 7.3.2). 
> 
>>> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
>>> --- a/src/event/quic/ngx_event_quic_ack.c
>>> +++ b/src/event/quic/ngx_event_quic_ack.c
>>> @@ -820,9 +820,9 @@ ngx_quic_pto_handler(ngx_event_t *ev)
>>> {
>>>    ngx_uint_t              i;
>>>    ngx_msec_t              now;
>>> -    ngx_queue_t            *q, *next;
>>> +    ngx_queue_t            *q;
>>>    ngx_connection_t       *c;
>>> -    ngx_quic_frame_t       *f;
>>> +    ngx_quic_frame_t       *f, frame;
>>>    ngx_quic_send_ctx_t    *ctx;
>>>    ngx_quic_connection_t  *qc;
>>> 
>>> @@ -859,63 +859,23 @@ ngx_quic_pto_handler(ngx_event_t *ev)
>>>                       "quic pto %s pto_count:%ui",
>>>                       ngx_quic_level_name(ctx->level), qc->pto_count);
>>> 
>>> -        for (q = ngx_queue_head(&ctx->frames);
>>> -             q != ngx_queue_sentinel(&ctx->frames);
>>> -             /* void */)
>>> -        {
>>> -            next = ngx_queue_next(q);
>>> -            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
>>> +        ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
>>> 
>>> -            if (f->type == NGX_QUIC_FT_PING) {
>>> -                ngx_queue_remove(q);
>>> -                ngx_quic_free_frame(c, f);
>>> -            }
>>> -
>>> -            q = next;
>>> -        }
>>> -
>>> -        for (q = ngx_queue_head(&ctx->sent);
>>> -             q != ngx_queue_sentinel(&ctx->sent);
>>> -             /* void */)
>>> -        {
>>> -            next = ngx_queue_next(q);
>>> -            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
>>> +        frame.level = ctx->level;
>>> +        frame.type = NGX_QUIC_FT_PING;
>>> 
>>> -            if (f->type == NGX_QUIC_FT_PING) {
>>> -                ngx_quic_congestion_lost(c, f);
>>> -                ngx_queue_remove(q);
>>> -                ngx_quic_free_frame(c, f);
>>> -            }
>>> -
>>> -            q = next;
>>> -        }
>> 
>> Removing of handling PING frames in at least ctx->sent looks premature.
>> Consider PTO happened after sending PING in response to PATH_CHALLENGE
>> on an active path, as part of RFC 9000, 9.3.3.  In this case, such PING
>> won't be considered lost, which means we won't enter recovery period.
> 
> The only reason why the code above was added was to prevent accumulation of
> multiple PINGs in the queue on multiple PTO expirations.  Now that PINGs
> are no longer queued, there's no problem.  The PINGs sent in response to
> PATH_CHALLENGE will stay in the queue until they are finally sent.
> 

The code to remove PING frames sent on PTO predates the code for sending
PINGs in response to PATH_CHALLENGE, such that such PINGs are accumulated
in the sent queue as well and get removed on PTO event, entering recovery
period; they are considered lost on PTO event while they are actually not
to be (yet), so this is actually a correct change.  Removing this code
will make such PINGs to stay in the sent queue available for resending
on packet loss, though this barely makes sense after PTO's PINGs.
What actually matters is that removing this code would fix entering
recovery period on PTO, which should not happen as discussed above.

Pondering on that more, I agree to remove this code, please commit.

>>> -
>>> -        /* enforce 2 udp datagrams */
>> 
>> The comment is removed, though it's obvious now and should go probably.
>> 
>>> -
>>> -        f = ngx_quic_alloc_frame(c);
>>> -        if (f == NULL) {
>>> -            break;
>>> +        if (ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK
>>> +            || ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK)
>>> +        {
>>> +            ngx_quic_close_connection(c, NGX_ERROR);
>>> +            return;
>>>        }
>>> -
>>> -        f->level = ctx->level;
>>> -        f->type = NGX_QUIC_FT_PING;
>>> -        f->flush = 1;
>>> -
>>> -        ngx_quic_queue_frame(qc, f);
>>> -
>>> -        f = ngx_quic_alloc_frame(c);
>>> -        if (f == NULL) {
>>> -            break;
>>> -        }
>>> -
>>> -        f->level = ctx->level;
>>> -        f->type = NGX_QUIC_FT_PING;
>>> -
>>> -        ngx_quic_queue_frame(qc, f);
>>>    }
>>> 
>>>    qc->pto_count++;
>>> 
>>> +    ngx_quic_set_lost_timer(c);
>>> +
>>>    ngx_quic_connstate_dbg(c);
>>> }
>>> 
>>> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
>>> --- a/src/event/quic/ngx_event_quic_output.c
>>> +++ b/src/event/quic/ngx_event_quic_output.c
>>> @@ -645,10 +645,6 @@ ngx_quic_output_packet(ngx_connection_t 
>>>        f->plen = 0;
>>> 
>>>        nframes++;
>>> -
>>> -        if (f->flush) {
>>> -            break;
>>> -        }
>>>    }
>>> 
>>>    if (nframes == 0) {
>>> diff --git a/src/event/quic/ngx_event_quic_transport.h b/src/event/quic/ngx_event_quic_transport.h
>>> --- a/src/event/quic/ngx_event_quic_transport.h
>>> +++ b/src/event/quic/ngx_event_quic_transport.h
>>> @@ -271,7 +271,6 @@ struct ngx_quic_frame_s {
>>>    ssize_t                                     len;
>>>    unsigned                                    need_ack:1;
>>>    unsigned                                    pkt_need_ack:1;
>>> -    unsigned                                    flush:1;
>>> 
>>>    ngx_chain_t                                *data;
>>>    union {
>> 
>> Otherwise, looks good.
>> 
>> -- 
>> Sergey Kandaurov
>> _______________________________________________
>> nginx-devel mailing list
>> nginx-devel at nginx.org
>> https://mailman.nginx.org/mailman/listinfo/nginx-devel
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

-- 
Sergey Kandaurov

From arut at nginx.com  Mon Aug 14 13:52:36 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 17:52:36 +0400
Subject: [PATCH 4 of 4] QUIC: path MTU discovery
In-Reply-To: <CF75A620-01D9-46DA-B114-CFD7D18EAAE1@nginx.com>
References: <patchbomb.1688651833@arut-laptop>
 <1a49fd5d2013b6c8d502.1688651837@arut-laptop>
 <E772A710-B4FC-4A53-8489-DEC5586B29E7@nginx.com>
 <20230731173420.v7dq7bktey2ox4s2@N00W24XTQX>
 <7AACA0BF-BDEA-4546-9673-27D57340EC1E@nginx.com>
 <20230810101847.cm67i7de54tloz2c@N00W24XTQX>
 <CF75A620-01D9-46DA-B114-CFD7D18EAAE1@nginx.com>
Message-ID: <20230814135236.kisdg2opg6f5pwsj@N00W24XTQX>

Hi,

On Thu, Aug 10, 2023 at 06:18:02PM +0400, Sergey Kandaurov wrote:
> 
> > On 10 Aug 2023, at 14:21, Roman Arutyunyan <arut at nginx.com> wrote:
> > 
> > On Tue, Aug 08, 2023 at 01:49:46PM +0400, Sergey Kandaurov wrote:
> > Hi,
> > 
> >> 
> >>> On 31 Jul 2023, at 21:34, Roman Arutyunyan <arut at nginx.com> wrote:
> >>> 
> >>> Hi,
> >>> 
> >>> On Fri, Jul 28, 2023 at 07:51:22PM +0400, Sergey Kandaurov wrote:
> >>>> 
> >>>>> On 6 Jul 2023, at 17:57, Roman Arutyunyan <arut at nginx.com> wrote:
> >>>>> 
> >>>>> # HG changeset patch
> >>>>> # User Roman Arutyunyan <arut at nginx.com>
> >>>>> # Date 1688481216 -14400
> >>>>> #      Tue Jul 04 18:33:36 2023 +0400
> >>>>> # Node ID 1a49fd5d2013b6c8d50263499e6ced440927e949
> >>>>> # Parent  a1ea543d009311765144351b2557c00c8e6445bf
> >>>>> QUIC: path MTU discovery.
> >>>>> 
> >>>>> MTU selection starts by stepping up until the first failure.  Then binary
> >>>>> search is used to find the path MTU.
> >>>>> 
> >>>>> diff --git a/src/core/ngx_connection.c b/src/core/ngx_connection.c
> >>>>> --- a/src/core/ngx_connection.c
> >>>>> +++ b/src/core/ngx_connection.c
> >>>>> @@ -1583,6 +1583,10 @@ ngx_connection_error(ngx_connection_t *c
> >>>>>   }
> >>>>> #endif
> >>>>> 
> >>>>> +    if (err == NGX_EMSGSIZE && c->log_error == NGX_ERROR_IGNORE_EMSGSIZE) {
> >>>>> +        return 0;
> >>>>> +    }
> >>>>> +
> >>>>>   if (err == 0
> >>>>>       || err == NGX_ECONNRESET
> >>>>> #if (NGX_WIN32)
> >>>>> @@ -1600,6 +1604,7 @@ ngx_connection_error(ngx_connection_t *c
> >>>>>   {
> >>>>>       switch (c->log_error) {
> >>>>> 
> >>>>> +        case NGX_ERROR_IGNORE_EMSGSIZE:
> >>>>>       case NGX_ERROR_IGNORE_EINVAL:
> >>>>>       case NGX_ERROR_IGNORE_ECONNRESET:
> >>>>>       case NGX_ERROR_INFO:
> >>>>> diff --git a/src/core/ngx_connection.h b/src/core/ngx_connection.h
> >>>>> --- a/src/core/ngx_connection.h
> >>>>> +++ b/src/core/ngx_connection.h
> >>>>> @@ -97,7 +97,8 @@ typedef enum {
> >>>>>   NGX_ERROR_ERR,
> >>>>>   NGX_ERROR_INFO,
> >>>>>   NGX_ERROR_IGNORE_ECONNRESET,
> >>>>> -    NGX_ERROR_IGNORE_EINVAL
> >>>>> +    NGX_ERROR_IGNORE_EINVAL,
> >>>>> +    NGX_ERROR_IGNORE_EMSGSIZE
> >>>>> } ngx_connection_log_error_e;
> >>>>> 
> >>>>> 
> >>>>> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> >>>>> --- a/src/event/quic/ngx_event_quic.c
> >>>>> +++ b/src/event/quic/ngx_event_quic.c
> >>>>> @@ -149,11 +149,6 @@ ngx_quic_apply_transport_params(ngx_conn
> >>>>>       ngx_log_error(NGX_LOG_INFO, c->log, 0,
> >>>>>                     "quic maximum packet size is invalid");
> >>>>>       return NGX_ERROR;
> >>>>> -
> >>>>> -    } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) {
> >>>>> -        ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
> >>>>> -        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>> -                       "quic client maximum packet size truncated");
> >>>>>   }
> >>>>> 
> >>>>>   if (ctp->active_connection_id_limit < 2) {
> >>>>> @@ -286,7 +281,7 @@ ngx_quic_new_connection(ngx_connection_t
> >>>>> 
> >>>>>   qc->path_validation.log = c->log;
> >>>>>   qc->path_validation.data = c;
> >>>>> -    qc->path_validation.handler = ngx_quic_path_validation_handler;
> >>>>> +    qc->path_validation.handler = ngx_quic_path_handler;
> >>>>> 
> >>>>>   qc->conf = conf;
> >>>>> 
> >>>>> @@ -297,7 +292,7 @@ ngx_quic_new_connection(ngx_connection_t
> >>>>>   ctp = &qc->ctp;
> >>>>> 
> >>>>>   /* defaults to be used before actual client parameters are received */
> >>>>> -    ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
> >>>>> +    ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE;
> >>>>>   ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT;
> >>>>>   ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY;
> >>>>>   ctp->active_connection_id_limit = 2;
> >>>>> diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
> >>>>> --- a/src/event/quic/ngx_event_quic_ack.c
> >>>>> +++ b/src/event/quic/ngx_event_quic_ack.c
> >>>>> @@ -229,6 +229,12 @@ ngx_quic_handle_ack_frame_range(ngx_conn
> >>>>> 
> >>>>>   qc = ngx_quic_get_connection(c);
> >>>>> 
> >>>>> +    if (ctx->level == ssl_encryption_application) {
> >>>>> +        if (ngx_quic_handle_path_mtu_ack(c, qc->path, min, max) != NGX_OK) {
> >>>>> +            return NGX_ERROR;
> >>>>> +        }
> >>>>> +    }
> >>>>> +
> >>>>>   st->max_pn = NGX_TIMER_INFINITE;
> >>>>>   found = 0;
> >>>>> 
> >>>>> diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
> >>>>> --- a/src/event/quic/ngx_event_quic_connection.h
> >>>>> +++ b/src/event/quic/ngx_event_quic_connection.h
> >>>>> @@ -66,6 +66,14 @@ typedef struct ngx_quic_keys_s        ng
> >>>>> #define ngx_quic_get_socket(c)               ((ngx_quic_socket_t *)((c)->udp))
> >>>>> 
> >>>>> 
> >>>>> +typedef enum {
> >>>>> +    NGX_QUIC_PATH_IDLE = 0,
> >>>>> +    NGX_QUIC_PATH_VALIDATING,
> >>>>> +    NGX_QUIC_PATH_WAITING,
> >>>>> +    NGX_QUIC_PATH_DISCOVERING_MTU
> >>>> 
> >>>> Nitpicking on too long name.
> >>>> What about NGX_QUIC_PATH_MTUD or something.
> >>> 
> >>> OK, renamed.
> >>> 
> >>>>> +} ngx_quic_path_state_e;
> >>>>> +
> >>>>> +
> >>>>> struct ngx_quic_client_id_s {
> >>>>>   ngx_queue_t                       queue;
> >>>>>   uint64_t                          seqnum;
> >>>>> @@ -89,18 +97,22 @@ struct ngx_quic_path_s {
> >>>>>   ngx_sockaddr_t                    sa;
> >>>>>   socklen_t                         socklen;
> >>>>>   ngx_quic_client_id_t             *cid;
> >>>>> +    ngx_quic_path_state_e             state;
> >>>>>   ngx_msec_t                        expires;
> >>>>>   ngx_uint_t                        tries;
> >>>>>   ngx_uint_t                        tag;
> >>>>> +    size_t                            mtu;
> >>>>> +    size_t                            mtud;
> >>>>> +    size_t                            max_mtu;
> >>>>>   off_t                             sent;
> >>>>>   off_t                             received;
> >>>>>   u_char                            challenge1[8];
> >>>>>   u_char                            challenge2[8];
> >>>>>   uint64_t                          seqnum;
> >>>>> +    uint64_t                          mtu_pnum[NGX_QUIC_PATH_RETRIES];
> >>>>>   ngx_str_t                         addr_text;
> >>>>>   u_char                            text[NGX_SOCKADDR_STRLEN];
> >>>>> -    unsigned                          validated:1;
> >>>>> -    unsigned                          validating:1;
> >>>>> +    ngx_uint_t                        validated; /* unsigned validated:1; */
> >>>>> };
> >>>>> 
> >>>>> 
> >>>>> diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
> >>>>> --- a/src/event/quic/ngx_event_quic_migration.c
> >>>>> +++ b/src/event/quic/ngx_event_quic_migration.c
> >>>>> @@ -10,6 +10,11 @@
> >>>>> #include <ngx_event_quic_connection.h>
> >>>>> 
> >>>>> 
> >>>>> +#define NGX_QUIC_PATH_MTU_DELAY       1000
> >>>> 
> >>>> The value looks too much,
> >>>> it would delay each subsequent probe (which is not retry).
> >>> 
> >>> Probably the right value should be determined in real-life scenarios.
> >> 
> >> I'm quite skeptical about delayed probes, it has little to no benefit
> >> for short connections with bulky transfers, as implemented, especially
> >> with short MTU steps.  OTOH, immediate probes can lead to congestion
> >> window starvation resulting in request processing slow down.
> >> 
> >> For the record,
> >> https://www.ietf.org/proceedings/62/pmtud.html provides a discussion
> >> about PMTUD, in particular, on search strategy and when to probe.
> >> For the latter, it seems to articulate an opposite view, i.e. to send
> >> probes ASAP.  Also, it raises a question how short lived connections
> >> could benefit from PMTUD, e.g. by caching path MTU, which seems to
> >> correspond to a shared PLPMTU state in RFC 8899.
> >> 
> >>> Let's decrease the value by a factor of 10 for now.
> >> 
> >> For a simple implementation, 100ms is a good enough trade-off, IMHO.
> >> 
> >>> 
> >>>>> +#define NGX_QUIC_PATH_MTU_STEP        256
> >>>>> +#define NGX_QUIC_PATH_MTU_PRECISION   16
> >>>>> +
> >>>>> +
> >>>>> static void ngx_quic_set_connection_path(ngx_connection_t *c,
> >>>>>   ngx_quic_path_t *path);
> >>>>> static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
> >>>>> @@ -17,7 +22,15 @@ static ngx_int_t ngx_quic_validate_path(
> >>>>> static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
> >>>>>   ngx_quic_path_t *path);
> >>>>> static void ngx_quic_set_path_timer(ngx_connection_t *c);
> >>>>> +static ngx_int_t ngx_quic_expire_path_validation(ngx_connection_t *c,
> >>>>> +    ngx_quic_path_t *path);
> >>>>> +static ngx_int_t ngx_quic_expire_path_mtu_delay(ngx_connection_t *c,
> >>>>> +    ngx_quic_path_t *path);
> >>>>> +static ngx_int_t ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c,
> >>>>> +    ngx_quic_path_t *path);
> >>>>> static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag);
> >>>>> +static ngx_int_t ngx_quic_send_path_mtu_probe(ngx_connection_t *c,
> >>>>> +    ngx_quic_path_t *path);
> >>>>> 
> >>>>> 
> >>>>> ngx_int_t
> >>>>> @@ -97,7 +110,7 @@ ngx_quic_handle_path_response_frame(ngx_
> >>>>>   {
> >>>>>       path = ngx_queue_data(q, ngx_quic_path_t, queue);
> >>>>> 
> >>>>> -        if (!path->validating) {
> >>>>> +        if (path->state != NGX_QUIC_PATH_VALIDATING) {
> >>>>>           continue;
> >>>>>       }
> >>>>> 
> >>>>> @@ -136,6 +149,9 @@ valid:
> >>>>>       {
> >>>>>           /* address did not change */
> >>>>>           rst = 0;
> >>>>> +
> >>>>> +            path->mtu = prev->mtu;
> >>>>> +            path->max_mtu = prev->max_mtu;
> >>>>>       }
> >>>>>   }
> >>>>> 
> >>>>> @@ -167,9 +183,8 @@ valid:
> >>>>>   ngx_quic_path_dbg(c, "is validated", path);
> >>>>> 
> >>>>>   path->validated = 1;
> >>>>> -    path->validating = 0;
> >>>>> 
> >>>>> -    ngx_quic_set_path_timer(c);
> >>>>> +    ngx_quic_discover_path_mtu(c, path);
> >>>>> 
> >>>>>   return NGX_OK;
> >>>>> }
> >>>>> @@ -217,6 +232,8 @@ ngx_quic_new_path(ngx_connection_t *c,
> >>>>>   path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
> >>>>>                                       NGX_SOCKADDR_STRLEN, 1);
> >>>>> 
> >>>>> +    path->mtu = NGX_QUIC_MIN_INITIAL_SIZE;
> >>>>> +
> >>>>>   ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>>                  "quic path seq:%uL created addr:%V",
> >>>>>                  path->seqnum, &path->addr_text);
> >>>>> @@ -464,7 +481,7 @@ ngx_quic_handle_migration(ngx_connection
> >>>>> 
> >>>>>   ngx_quic_set_connection_path(c, next);
> >>>>> 
> >>>>> -    if (!next->validated && !next->validating) {
> >>>>> +    if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) {
> >>>>>       if (ngx_quic_validate_path(c, next) != NGX_OK) {
> >>>>>           return NGX_ERROR;
> >>>>>       }
> >>>>> @@ -492,7 +509,6 @@ ngx_quic_validate_path(ngx_connection_t 
> >>>>>   ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>>                  "quic initiated validation of path seq:%uL", path->seqnum);
> >>>>> 
> >>>>> -    path->validating = 1;
> >>>>>   path->tries = 0;
> >>>>> 
> >>>>>   if (RAND_bytes(path->challenge1, 8) != 1) {
> >>>>> @@ -511,6 +527,7 @@ ngx_quic_validate_path(ngx_connection_t 
> >>>>>   pto = ngx_max(ngx_quic_pto(c, ctx), 1000);
> >>>>> 
> >>>>>   path->expires = ngx_current_msec + pto;
> >>>>> +    path->state = NGX_QUIC_PATH_VALIDATING;
> >>>>> 
> >>>>>   ngx_quic_set_path_timer(c);
> >>>>> 
> >>>>> @@ -558,6 +575,42 @@ ngx_quic_send_path_challenge(ngx_connect
> >>>>> }
> >>>>> 
> >>>>> 
> >>>>> +void
> >>>>> +ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path)
> >>>>> +{
> >>>>> +    ngx_quic_connection_t  *qc;
> >>>>> +
> >>>>> +    qc = ngx_quic_get_connection(c);
> >>>>> +
> >>>>> +    if (path->max_mtu) {
> >>>>> +        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
> >>>>> +            path->state = NGX_QUIC_PATH_IDLE;
> >>>>> +            ngx_quic_set_path_timer(c);
> >>>>> +            return;
> >>>>> +        }
> >>>>> +
> >>>>> +        path->mtud = (path->mtu + path->max_mtu) / 2;
> >>>>> +
> >>>>> +    } else {
> >>>>> +        path->mtud = path->mtu + NGX_QUIC_PATH_MTU_STEP;
> >>>> 
> >>>> I like this approach, compared to multiplying probe steps.
> >>>> This better fits to the pattern to keep around a well-known
> >>>> initial value, which is typically 1500 bytes.
> >>>> Another one could be to let user specify its own initial
> >>>> value for cases when he knows well its network environment.
> >>>> 
> >>>>> +
> >>>>> +        if (path->mtud >= qc->ctp.max_udp_payload_size) {
> >>>>> +            path->mtud = qc->ctp.max_udp_payload_size;
> >>>>> +            path->max_mtu = qc->ctp.max_udp_payload_size;
> >>>>> +        }
> >>>>> +    }
> >>>>> +
> >>>>> +    path->state = NGX_QUIC_PATH_WAITING;
> >>>>> +    path->expires = ngx_current_msec + NGX_QUIC_PATH_MTU_DELAY;
> >>>>> +
> >>>>> +    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>> +                   "quic path seq:%uL schedule mtu:%uz",
> >>>>> +                   path->seqnum, path->mtud);
> >>>>> +
> >>>>> +    ngx_quic_set_path_timer(c);
> >>>>> +}
> >>>>> +
> >>>>> +
> >>>>> static void
> >>>>> ngx_quic_set_path_timer(ngx_connection_t *c)
> >>>>> {
> >>>>> @@ -578,7 +631,7 @@ ngx_quic_set_path_timer(ngx_connection_t
> >>>>>   {
> >>>>>       path = ngx_queue_data(q, ngx_quic_path_t, queue);
> >>>>> 
> >>>>> -        if (!path->validating) {
> >>>>> +        if (path->state == NGX_QUIC_PATH_IDLE) {
> >>>>>           continue;
> >>>>>       }
> >>>>> 
> >>>>> @@ -600,22 +653,18 @@ ngx_quic_set_path_timer(ngx_connection_t
> >>>>> 
> >>>>> 
> >>>>> void
> >>>>> -ngx_quic_path_validation_handler(ngx_event_t *ev)
> >>>>> +ngx_quic_path_handler(ngx_event_t *ev)
> >>>>> {
> >>>>>   ngx_msec_t              now;
> >>>>>   ngx_queue_t            *q;
> >>>>> -    ngx_msec_int_t          left, next, pto;
> >>>>> -    ngx_quic_path_t        *path, *bkp;
> >>>>> +    ngx_msec_int_t          left;
> >>>>> +    ngx_quic_path_t        *path;
> >>>>>   ngx_connection_t       *c;
> >>>>> -    ngx_quic_send_ctx_t    *ctx;
> >>>>>   ngx_quic_connection_t  *qc;
> >>>>> 
> >>>>>   c = ev->data;
> >>>>>   qc = ngx_quic_get_connection(c);
> >>>>> 
> >>>>> -    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>>>> -
> >>>>> -    next = -1;
> >>>>>   now = ngx_current_msec;
> >>>>> 
> >>>>>   q = ngx_queue_head(&qc->paths);
> >>>>> @@ -625,83 +674,274 @@ ngx_quic_path_validation_handler(ngx_eve
> >>>>>       path = ngx_queue_data(q, ngx_quic_path_t, queue);
> >>>>>       q = ngx_queue_next(q);
> >>>>> 
> >>>>> -        if (!path->validating) {
> >>>>> +        if (path->state == NGX_QUIC_PATH_IDLE) {
> >>>>>           continue;
> >>>>>       }
> >>>>> 
> >>>>>       left = path->expires - now;
> >>>>> 
> >>>>>       if (left > 0) {
> >>>>> -
> >>>>> -            if (next == -1 || left < next) {
> >>>>> -                next = left;
> >>>>> -            }
> >>>>> -
> >>>>> -            continue;
> >>>>> -        }
> >>>>> -
> >>>>> -        if (++path->tries < NGX_QUIC_PATH_RETRIES) {
> >>>>> -            pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
> >>>>> -
> >>>>> -            path->expires = ngx_current_msec + pto;
> >>>>> -
> >>>>> -            if (next == -1 || pto < next) {
> >>>>> -                next = pto;
> >>>>> -            }
> >>>>> -
> >>>>> -            /* retransmit */
> >>>>> -            (void) ngx_quic_send_path_challenge(c, path);
> >>>>> -
> >>>>>           continue;
> >>>>>       }
> >>>>> 
> >>>>> -        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
> >>>>> -                       "quic path seq:%uL validation failed", path->seqnum);
> >>>>> +        switch (path->state) {
> >>>>> +        case NGX_QUIC_PATH_VALIDATING:
> >>>>> +             if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
> >>>>> +                goto failed;
> >>>>> +            }
> >>>>> +
> >>>>> +            break;
> >>>>> +
> >>>>> +        case NGX_QUIC_PATH_WAITING:
> >>>>> +            if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
> >>>>> +                goto failed;
> >>>>> +            }
> >>>>> +
> >>>>> +            break;
> >>>>> +
> >>>>> +        case NGX_QUIC_PATH_DISCOVERING_MTU:
> >>>>> +            if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
> >>>>> +                goto failed;
> >>>>> +             }
> >>>>> +
> >>>>> +            break;
> >>>>> +
> >>>> 
> >>>> indentation in several places here
> >>> 
> >>> Fixed, thanks.
> >>> 
> >>>>> +        default:
> >>>>> +            break;
> >>>>> +         }
> >>>>> +     }
> >>>>> +
> >>>>> +    ngx_quic_set_path_timer(c);
> >>>>> +
> >>>>> +    return;
> >>>>> 
> >>>>> -        /* found expired path */
> >>>>> +failed:
> >>>>> +
> >>>>> +    ngx_quic_close_connection(c, NGX_ERROR);
> >>>>> +}
> >>>>> +
> >>>>> +
> >>>>> +static ngx_int_t
> >>>>> +ngx_quic_expire_path_validation(ngx_connection_t *c, ngx_quic_path_t *path)
> >>>>> +{
> >>>>> +    ngx_msec_int_t          pto;
> >>>>> +    ngx_quic_path_t        *bkp;
> >>>>> +    ngx_quic_send_ctx_t    *ctx;
> >>>>> +    ngx_quic_connection_t  *qc;
> >>>>> 
> >>>>> -        path->validated = 0;
> >>>>> -        path->validating = 0;
> >>>>> +    qc = ngx_quic_get_connection(c);
> >>>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>>>> +
> >>>>> +    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
> >>>>> +        pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
> >>>>> +        path->expires = ngx_current_msec + pto;
> >>>>> +
> >>>>> +        (void) ngx_quic_send_path_challenge(c, path);
> >>>>> +
> >>>>> +        return NGX_OK;
> >>>>> +    }
> >>>>> +
> >>>>> +    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>> +                   "quic path seq:%uL validation failed", path->seqnum);
> >>>>> +
> >>>>> +    /* found expired path */
> >>>>> +
> >>>>> +    path->validated = 0;
> >>>>> 
> >>>>> 
> >>>>> -        /* RFC 9000, 9.3.2.  On-Path Address Spoofing
> >>>>> -         *
> >>>>> -         * To protect the connection from failing due to such a spurious
> >>>>> -         * migration, an endpoint MUST revert to using the last validated
> >>>>> -         * peer address when validation of a new peer address fails.
> >>>>> -         */
> >>>>> -
> >>>>> -        if (qc->path == path) {
> >>>>> -            /* active path validation failed */
> >>>>> -
> >>>>> -            bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
> >>>>> +    /* RFC 9000, 9.3.2.  On-Path Address Spoofing
> >>>>> +     *
> >>>>> +     * To protect the connection from failing due to such a spurious
> >>>>> +     * migration, an endpoint MUST revert to using the last validated
> >>>>> +     * peer address when validation of a new peer address fails.
> >>>>> +     */
> >>>>> 
> >>>>> -            if (bkp == NULL) {
> >>>>> -                qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
> >>>>> -                qc->error_reason = "no viable path";
> >>>>> -                ngx_quic_close_connection(c, NGX_ERROR);
> >>>>> -                return;
> >>>>> -            }
> >>>>> +    if (qc->path == path) {
> >>>>> +        /* active path validation failed */
> >>>>> +
> >>>>> +        bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
> >>>>> 
> >>>>> -            qc->path = bkp;
> >>>>> -            qc->path->tag = NGX_QUIC_PATH_ACTIVE;
> >>>>> -
> >>>>> -            ngx_quic_set_connection_path(c, qc->path);
> >>>>> -
> >>>>> -            ngx_log_error(NGX_LOG_INFO, c->log, 0,
> >>>>> -                          "quic path seq:%uL addr:%V is restored from backup",
> >>>>> -                          qc->path->seqnum, &qc->path->addr_text);
> >>>>> -
> >>>>> -            ngx_quic_path_dbg(c, "is active", qc->path);
> >>>>> +        if (bkp == NULL) {
> >>>>> +            qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
> >>>>> +            qc->error_reason = "no viable path";
> >>>>> +            return NGX_ERROR;
> >>>>>       }
> >>>>> 
> >>>>> -        if (ngx_quic_free_path(c, path) != NGX_OK) {
> >>>>> -            ngx_quic_close_connection(c, NGX_ERROR);
> >>>>> -            return;
> >>>>> +        qc->path = bkp;
> >>>>> +        qc->path->tag = NGX_QUIC_PATH_ACTIVE;
> >>>>> +
> >>>>> +        ngx_quic_set_connection_path(c, qc->path);
> >>>>> +
> >>>>> +        ngx_log_error(NGX_LOG_INFO, c->log, 0,
> >>>>> +                      "quic path seq:%uL addr:%V is restored from backup",
> >>>>> +                      qc->path->seqnum, &qc->path->addr_text);
> >>>>> +
> >>>>> +        ngx_quic_path_dbg(c, "is active", qc->path);
> >>>>> +    }
> >>>>> +
> >>>>> +    return ngx_quic_free_path(c, path);
> >>>>> +}
> >>>>> +
> >>>>> +
> >>>>> +static ngx_int_t
> >>>>> +ngx_quic_expire_path_mtu_delay(ngx_connection_t *c, ngx_quic_path_t *path)
> >>>>> +{
> >>>>> +    ngx_int_t               rc;
> >>>>> +    ngx_uint_t              i;
> >>>>> +    ngx_msec_t              pto;
> >>>>> +    ngx_quic_send_ctx_t    *ctx;
> >>>>> +    ngx_quic_connection_t  *qc;
> >>>>> +
> >>>>> +    qc = ngx_quic_get_connection(c);
> >>>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>>>> +
> >>>>> +    path->tries = 0;
> >>>>> +
> >>>>> +    for ( ;; ) {
> >>>>> +
> >>>>> +        for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
> >>>>> +            path->mtu_pnum[i] = NGX_QUIC_UNSET_PN;
> >>>>> +        }
> >>>>> +
> >>>>> +        rc = ngx_quic_send_path_mtu_probe(c, path);
> >>>>> +
> >>>>> +        if (rc == NGX_ERROR) {
> >>>>> +            return NGX_ERROR;
> >>>>> +        }
> >>>>> +
> >>>>> +        if (rc == NGX_OK) {
> >>>>> +            pto = ngx_quic_pto(c, ctx);
> >>>>> +            path->expires = ngx_current_msec + pto;
> >>>>> +            path->state = NGX_QUIC_PATH_DISCOVERING_MTU;
> >>>>> +            return NGX_OK;
> >>>>> +        }
> >>>>> +
> >>>>> +        /* rc == NGX_DECLINED */
> >>>>> +
> >>>>> +        path->max_mtu = path->mtud;
> >>>>> +
> >>>>> +        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
> >>>>> +            path->state = NGX_QUIC_PATH_IDLE;
> >>>>> +            return NGX_OK;
> >>>>> +        }
> >>>>> +
> >>>>> +        path->mtud = (path->mtu + path->max_mtu) / 2;
> >>>>> +    }
> >>>>> +}
> >>>>> +
> >>>>> +
> >>>>> +static ngx_int_t
> >>>>> +ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c, ngx_quic_path_t *path)
> >>>>> +{
> >>>>> +    ngx_int_t               rc;
> >>>>> +    ngx_msec_int_t          pto;
> >>>>> +    ngx_quic_send_ctx_t    *ctx;
> >>>>> +    ngx_quic_connection_t  *qc;
> >>>>> +
> >>>>> +    qc = ngx_quic_get_connection(c);
> >>>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>>>> +
> >>>>> +    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
> >>>>> +        pto = ngx_quic_pto(c, ctx) << path->tries;
> >>>>> +        path->expires = ngx_current_msec + pto;
> >>>>> +
> >>>> 
> >>>> Setting path->expires there seems useless.
> >>>> It don't seem to be used in ngx_quic_send_path_mtu_probe(),
> >>>> and ngx_quic_discover_path_mtu() used to reset path->expires.
> >>> 
> >>> If ngx_quic_send_path_mtu_probe() below returns NGX_OK, the path should stay
> >>> in the same state, but expiration time should be advanced.  To make it
> >>> more obvious, I changed this code.
> >> 
> >> Updated code makes it clear, thanks.
> >> 
> >>> 
> >>>>> +        rc = ngx_quic_send_path_mtu_probe(c, path);
> >>>>> +        if (rc != NGX_DECLINED) {
> >>>>> +            return rc;
> >>>>>       }
> >>>>>   }
> >>>>> 
> >>>>> -    if (next != -1) {
> >>>>> -        ngx_add_timer(&qc->path_validation, next);
> >>>>> +    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>> +                   "quic path seq:%uL expired mtu:%uz",
> >>>>> +                   path->seqnum, path->mtud);
> >>>>> +
> >>>>> +    path->max_mtu = path->mtud;
> >>>>> +
> >>>>> +    ngx_quic_discover_path_mtu(c, path);
> >>>>> +
> >>>>> +    return NGX_OK;
> >>>>> +}
> >>>>> +
> >>>>> +
> >>>>> +static ngx_int_t
> >>>>> +ngx_quic_send_path_mtu_probe(ngx_connection_t *c, ngx_quic_path_t *path)
> >>>>> +{
> >>>>> +    ngx_int_t               rc;
> >>>>> +    ngx_uint_t              log_error;
> >>>>> +    ngx_quic_frame_t        frame;
> >>>>> +    ngx_quic_send_ctx_t    *ctx;
> >>>>> +    ngx_quic_connection_t  *qc;
> >>>>> +
> >>>>> +    ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
> >>>>> +
> >>>>> +    frame.level = ssl_encryption_application;
> >>>>> +    frame.type = NGX_QUIC_FT_PING;
> >>>>> +
> >>>>> +    qc = ngx_quic_get_connection(c);
> >>>>> +    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>>>> +    path->mtu_pnum[path->tries] = ctx->pnum;
> >>>>> +
> >>>>> +    ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>> +                   "quic path seq:%uL send probe "
> >>>>> +                   "mtu:%uz pnum:%uL tries:%ui",
> >>>>> +                   path->seqnum, path->mtud, ctx->pnum, path->tries);
> >>>>> +
> >>>>> +    log_error = c->log_error;
> >>>>> +    c->log_error = NGX_ERROR_IGNORE_EMSGSIZE;
> >>>>> +
> >>>>> +    rc = ngx_quic_frame_sendto(c, &frame, path->mtud, path);
> >>>>> +    c->log_error = log_error;
> >>>>> +
> >>>>> +    if (rc == NGX_ERROR) {
> >>>>> +        if (c->write->error) {
> >>>>> +            c->write->error = 0;
> >>>>> +
> >>>>> +            ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>> +                           "quic path seq:%uL rejected mtu:%uz",
> >>>>> +                           path->seqnum, path->mtud);
> >>>>> +
> >>>>> +            return NGX_DECLINED;
> >>>> 
> >>>> The error handling looks awkward to decline on write error.
> >>>> ngx_sendmsg() sets write error on fatal sendmsg errors,
> >>>> and keeps it unset NGX_EAGAIN and NGX_EINTR, which
> >>>> are typically non-fatal transient errors.
> >>>> I understand this is done mostly to ignore EMSGSIZE,
> >>>> maybe it makes sense to ignore the rest sendmsg() errors.
> >>> 
> >>> The problem is, the error doesn't make it to this point.  All be have here is
> >>> NGX_ERROR and c->write->error.  I think, for PMTUD purposes we can safely
> >>> ignore the errors.  It's hinghly likely, the error will repeat while doing
> >>> connection I/O and we'll shortly close the connection.
> >> 
> >> Ok, I re-read ngx_sendmsg() to clarify the following:
> >> - NGX_EINTR is handled internally and never returned up to here;
> >> - NGX_EAGAIN (NGX_AGAIN) seems to be returned, at least on Linux,
> >>  when send buffer is low for the MTU probe, converted to NGX_OK;
> >> - FTR, looking at sosend_dgram() on FreeBSD, sendmsg seems to
> >>  return EMSGSIZE there, instead, on low socket buffer space;
> >> - other sendmsg errors are returned as NGX_ERROR, and
> >>  c->write->error is set; this is converted to NGX_DECLINED;
> >> - non-sendmsg NGX_ERRORs appeared in ngx_quic_frame_sendto()
> >>  are passed as is without conversion.
> >> 
> >> So, the error handling as implemented to decline on any sendmsg
> >> "fatal" errors actually makes sense, if we'd like to avoid rewriting
> >> ngx_sendmsg() to further distinguish sendmsg errors, notably EMSGSIZE.
> >> The downside is that connection may ignore actually fatal errors,
> >> though the error will likely repeat on sending non-probing frames.
> >> 
> >> NGX_AGAIN conversion to NGX_OK is questionable, because this
> >> makes a probe considered successfully sent while it is not.
> >> I wonder though what we can do about that other than to simply
> >> ignore, similar to other ngx_quic_frame_sendto() callers,
> >> because next time on a probe retry sendmsg can return success.
> > 
> > Ignoring certain send error for probes is not a big deal since timeout
> > expiration will lead to the same result eventually.
> > 
> >>>>> +        }
> >>>>> +
> >>>>> +        return NGX_ERROR;
> >>>>>   }
> >>>>> +
> >>>>> +    return NGX_OK;
> >>>>> }
> >>>>> +
> >>>>> +
> >>>>> +ngx_int_t
> >>>>> +ngx_quic_handle_path_mtu_ack(ngx_connection_t *c, ngx_quic_path_t *path,
> >>>>> +    uint64_t min, uint64_t max)
> >>>>> +{
> >>>>> +    uint64_t    pnum;
> >>>>> +    ngx_uint_t  i;
> >>>>> +
> >>>>> +    if (path->state != NGX_QUIC_PATH_DISCOVERING_MTU) {
> >>>>> +        return NGX_OK;
> >>>>> +    }
> >>>>> +
> >>>>> +    for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
> >>>>> +        pnum = path->mtu_pnum[i];
> >>>>> +
> >>>>> +        if (pnum == NGX_QUIC_UNSET_PN) {
> >>>>> +            break;
> >>>>> +        }
> >>>>> +
> >>>>> +        if (pnum < min || pnum > max) {
> >>>>> +            continue;
> >>>>> +        }
> >>>>> +
> >>>>> +        path->mtu = path->mtud;
> >>>>> +
> >>>>> +        ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
> >>>>> +                       "quic path seq:%uL ack mtu:%uz",
> >>>>> +                       path->seqnum, path->mtu);
> >>>>> +
> >>>>> +        ngx_quic_discover_path_mtu(c, path);
> >>>>> +
> >>>>> +        break;
> >>>> 
> >>>> What if two probes appeared ACKed in one range.
> >>>> Though that seems to be safe to break there, as two
> >>>> probes barely have different probe sizes, rather retries.
> >>> 
> >>> No matter how many probes are acked, the next step is still the same.
> >>> So there's no reason to find all of them.
> >>> 
> >> 
> >> Ok, let's leave it as is.
> >> 
> >>>>> +    }
> >>>>> +
> >>>>> +    return NGX_OK;
> >>>>> +}
> >>>>> diff --git a/src/event/quic/ngx_event_quic_migration.h b/src/event/quic/ngx_event_quic_migration.h
> >>>>> --- a/src/event/quic/ngx_event_quic_migration.h
> >>>>> +++ b/src/event/quic/ngx_event_quic_migration.h
> >>>>> @@ -18,10 +18,10 @@
> >>>>> #define NGX_QUIC_PATH_BACKUP    2
> >>>>> 
> >>>>> #define ngx_quic_path_dbg(c, msg, path)                                       \
> >>>>> -    ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
> >>>>> -                   "quic path seq:%uL %s sent:%O recvd:%O state:%s%s",        \
> >>>>> +    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
> >>>>> +                   "quic path seq:%uL %s tx:%O rx:%O valid:%d st:%d mtu:%uz", \
> >>>>>                  path->seqnum, msg, path->sent, path->received,             \
> >>>>> -                   path->validated ? "V": "N", path->validating ? "R": "");
> >>>>> +                   path->validated, path->state, path->mtu);
> >>>>> 
> >>>>> ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
> >>>>>   ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f);
> >>>>> @@ -36,6 +36,10 @@ ngx_int_t ngx_quic_set_path(ngx_connecti
> >>>>> ngx_int_t ngx_quic_handle_migration(ngx_connection_t *c,
> >>>>>   ngx_quic_header_t *pkt);
> >>>>> 
> >>>>> -void ngx_quic_path_validation_handler(ngx_event_t *ev);
> >>>>> +void ngx_quic_path_handler(ngx_event_t *ev);
> >>>>> +
> >>>>> +void ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path);
> >>>>> +ngx_int_t ngx_quic_handle_path_mtu_ack(ngx_connection_t *c,
> >>>>> +    ngx_quic_path_t *path, uint64_t min, uint64_t max);
> >>>> 
> >>>> Nitpicking:
> >>>> maybe just ngx_quic_handle_path_mtu() ?
> >>>> This would match ngx_quic_discover_path_mtu() naming.
> >>> 
> >>> OK, renamed.
> >>> 
> >>>>> 
> >>>>> #endif /* _NGX_EVENT_QUIC_MIGRATION_H_INCLUDED_ */
> >>>>> diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
> >>>>> --- a/src/event/quic/ngx_event_quic_output.c
> >>>>> +++ b/src/event/quic/ngx_event_quic_output.c
> >>>>> @@ -10,9 +10,6 @@
> >>>>> #include <ngx_event_quic_connection.h>
> >>>>> 
> >>>>> 
> >>>>> -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT   1252
> >>>>> -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT6  1232
> >>>>> -
> >>>>> #define NGX_QUIC_MAX_UDP_SEGMENT_BUF  65487 /* 65K - IPv6 header */
> >>>>> #define NGX_QUIC_MAX_SEGMENTS            64 /* UDP_MAX_SEGMENTS */
> >>>>> 
> >>>>> @@ -61,21 +58,6 @@ static size_t ngx_quic_path_limit(ngx_co
> >>>>>   size_t size);
> >>>>> 
> >>>>> 
> >>>>> -size_t
> >>>>> -ngx_quic_max_udp_payload(ngx_connection_t *c)
> >>>>> -{
> >>>>> -    /* TODO: path MTU discovery */
> >>>>> -
> >>>>> -#if (NGX_HAVE_INET6)
> >>>>> -    if (c->sockaddr->sa_family == AF_INET6) {
> >>>>> -        return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6;
> >>>>> -    }
> >>>>> -#endif
> >>>>> -
> >>>>> -    return NGX_QUIC_MAX_UDP_PAYLOAD_OUT;
> >>>>> -}
> >>>>> -
> >>>>> -
> >>>>> ngx_int_t
> >>>>> ngx_quic_output(ngx_connection_t *c)
> >>>>> {
> >>>>> @@ -142,10 +124,7 @@ ngx_quic_create_datagrams(ngx_connection
> >>>>> 
> >>>>>       p = dst;
> >>>>> 
> >>>>> -        len = ngx_min(qc->ctp.max_udp_payload_size,
> >>>>> -                      NGX_QUIC_MAX_UDP_PAYLOAD_SIZE);
> >>>>> -
> >>>>> -        len = ngx_quic_path_limit(c, path, len);
> >>>>> +        len = ngx_quic_path_limit(c, path, path->mtu);
> >>>>> 
> >>>>>       pad = ngx_quic_get_padding_level(c);
> >>>>> 
> >>>>> @@ -299,9 +278,7 @@ ngx_quic_allow_segmentation(ngx_connecti
> >>>>>   ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
> >>>>> 
> >>>>>   bytes = 0;
> >>>>> -
> >>>>> -    len = ngx_min(qc->ctp.max_udp_payload_size,
> >>>>> -                  NGX_QUIC_MAX_UDP_SEGMENT_BUF);
> >>>>> +    len = ngx_min(qc->path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
> >>>>> 
> >>>>>   for (q = ngx_queue_head(&ctx->frames);
> >>>>>        q != ngx_queue_sentinel(&ctx->frames);
> >>>>> @@ -345,8 +322,7 @@ ngx_quic_create_segments(ngx_connection_
> >>>>>       return NGX_ERROR;
> >>>>>   }
> >>>>> 
> >>>>> -    segsize = ngx_min(qc->ctp.max_udp_payload_size,
> >>>>> -                      NGX_QUIC_MAX_UDP_SEGMENT_BUF);
> >>>>> +    segsize = ngx_min(path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
> >>>>>   p = dst;
> >>>>>   end = dst + sizeof(dst);
> >>>>> 
> >>>>> diff --git a/src/event/quic/ngx_event_quic_output.h b/src/event/quic/ngx_event_quic_output.h
> >>>>> --- a/src/event/quic/ngx_event_quic_output.h
> >>>>> +++ b/src/event/quic/ngx_event_quic_output.h
> >>>>> @@ -12,8 +12,6 @@
> >>>>> #include <ngx_core.h>
> >>>>> 
> >>>>> 
> >>>>> -size_t ngx_quic_max_udp_payload(ngx_connection_t *c);
> >>>>> -
> >>>>> ngx_int_t ngx_quic_output(ngx_connection_t *c);
> >>>>> 
> >>>>> ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c,
> >>>>> diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
> >>>>> --- a/src/event/quic/ngx_event_quic_ssl.c
> >>>>> +++ b/src/event/quic/ngx_event_quic_ssl.c
> >>>>> @@ -494,6 +494,8 @@ ngx_quic_crypto_input(ngx_connection_t *
> >>>>>    */
> >>>>>   ngx_quic_discard_ctx(c, ssl_encryption_handshake);
> >>>>> 
> >>>>> +    ngx_quic_discover_path_mtu(c, qc->path);
> >>>>> +
> >>>>>   /* start accepting clients on negotiated number of server ids */
> >>>>>   if (ngx_quic_create_sockets(c) != NGX_OK) {
> >>>>>       return NGX_ERROR;
> >>>>> diff --git a/src/os/unix/ngx_errno.h b/src/os/unix/ngx_errno.h
> >>>>> --- a/src/os/unix/ngx_errno.h
> >>>>> +++ b/src/os/unix/ngx_errno.h
> >>>>> @@ -54,6 +54,7 @@ typedef int               ngx_err_t;
> >>>>> #define NGX_ENOMOREFILES  0
> >>>>> #define NGX_ELOOP         ELOOP
> >>>>> #define NGX_EBADF         EBADF
> >>>>> +#define NGX_EMSGSIZE      EMSGSIZE
> >>>>> 
> >>>>> #if (NGX_HAVE_OPENAT)
> >>>>> #define NGX_EMLINK        EMLINK
> >> 
> >> This will break on win32, an NGX_EMSGSIZE definition needs to be
> >> provided there, which is WSAEMSGSIZE.
> > 
> > Thanks, fixed.
> > 
> >>> 
> >>> The diff is attached.
> >>> 
> >> 
> >> The diff looks good.
> > 
> > Also, with step-based mtu step updates, QUIC flood detection is triggered with
> > the h3_keepalive.t on interfaces with large mtu.  I think, doubling mtu
> > is a safer choice.
> 
> While optimizing for theoretical maximum is not something to accent,
> it is certainly expected to work well on various links.  Below are some
> numbers to consider, taken on various PMTU and interval/search strategy.
> 
> = 20 streams, 1mb response each, pmtu=65536 (sampled 3 times)
> 
> pn/ack  probes  last    total bytes
> 
> == 1000ms + 256
> 1       21      6.320   79.472
> 2       18      5.808   65.376
> 3       17      5.552   59.568
> 4       15      2.400   33.984
> 
> == 100ms + 256
> 1       263     65.500  8.962.971
> 2       256     65.500  8.708.555
> 3       268     65.500  9.188.363
> 
> == 100ms * 2
> 1       17-24   65.513    833.607-1.286.679
> 2       23-24   65.513  1.190.607-1.255.710
> 3       20-23   65.513    996.252-1.198.820
> 4       18      65.513    872.007
> 
> It is clearly seen from the above:
> - "1000ms + 256" (baseline) does not converge after 20 MB
> - "100ms + 256" converges but hits flood detection limit,
>   which is 8 MB of probes if no stream traffic in the connection.
> - "100ms * 2" results in ~ 1 MB of total probe traffic
> 
> This explains how h3_keepalive.t is failed.
> 
> 
> Below "100ms * 2" is also seen with better avg payload size.
> Compared with pto and ack-only packets cleared from raw data,
> seen increased with "100ms * 2" if client ack's with frequency
> less than on every second packet, which messed up avg stats.
> 
> = 20 streams, 1mb response each, pmtu=65536 (sampled 3 times)
> 
> pn/ack  pn      stat
> 
> == 1000ms + 256
> 1       N=8245  min=3  max=6033  m=2437 avg=2552  std=1750
> 2       N=8481  min=3  max=5733  m=2296 avg=2486  std=1453
> 3       N=8703  min=3  max=5517  m=2189 avg=2424  std=1361
> 4       N=11237 min=3 max=2349  m=2349 avg=1879   std=770
> 
> == 100ms + 256
> 1       N=3757  min=3 max=18573 m=3494 avg=5440   std=5226
> 2       N=3696  min=3 max=17037 m=4493 avg=5686   std=4475
> 3       N=3745  min=3 max=16525 m=4493 avg=5657   std=4308
> 
> == 100ms * 2
> 1       N=1956  min=3  max=65465 m=1165 avg=10757 std=23394
> 2       N=1150  min=3  max=65465 m=2320 avg=18264 std=26491
> 3       N=1411  min=3  max=65465 m=1165 avg=14879 std=25476
> 4       N=1691  min=3  max=65465 m=548  avg=12419 std=23854
> == after clearing pto and ack-only
> 1*      N=1910  min=9  max=65465 m=1165 avg=11014 std=23612
> 2*      N=1095  min=10 max=65465 m=2365 avg=19181 std=26823
> 3*      N=1117  min=12 max=65465 m=2193 avg=18798 std=27320
> 4*      N=1145  min=9  max=65465 m=2365 avg=18333 std=27049
> 
> As seen from the above, "100ms * 2" represents worse median,
> even with pto/ack-only cleared, which may be a sign of poor
> packing to maximum packet size, resulting in short packets.
> 
> 
> On a typical PMTU of up to 1500, the difference is leveled
> (captured with pn/ack=2)
> 
> = 20 streams, 1mb response each, pmtu=1500 (sampled 3 times)
> 
> x 1000_256
> + 100_256
> * 100_x2
>     N           Min           Max        Median           Avg        Stddev
> x 16443             3          1437          1437     1283.7392     414.27811
> + 16377             3          1437          1437     1288.8831     412.92124
> No difference proven at 95.0% confidence
> * 16398             3          1436          1436     1287.2667     413.79561
> No difference proven at 95.0% confidence
> 
> pn/ack  probes  last    total bytes
> == 1000ms + 256
> 2       6       1472    9232
> == 100ms + 256
> 2       6       1472    9232
> == 100ms * 2
> 2       8       1471    12889
> 
> > 
> > Also, while looking in migration test logs, I thought it might be a good idea to
> > only handle validation/mtu events for the currently active path.
> > 
> 
> Can you elaborate?

I had another patch applied while testing pmtud and had the migration test
failed.  I think, we can in future simplify path event handling by only handin
the active path.  But we have to be careful.

> > Including 3 patch updates:
> > 
> > - the last one + win32 fix + format fix in ngx_quic_path_dbg()
> > - x2 mtu

Merged these two updates.  Final patch attached.

> > - single-path event handling

Let's postpone this one for now.

> > --
> > Roman Arutyunyan
> > <quic-pmtud-fix.txt><quic-pmtud-scale-x2.txt><quic-pmtud-fix-2.txt>_______________________________________________
> > nginx-devel mailing list
> > nginx-devel at nginx.org
> > https://mailman.nginx.org/mailman/listinfo/nginx-devel
> 
> -- 
> Sergey Kandaurov
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

--
Roman Arutyunyan
-------------- next part --------------
# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1691990487 -14400
#      Mon Aug 14 09:21:27 2023 +0400
# Node ID 58afcd72446ff33811e773f1cabb7866a92a09a0
# Parent  f3412ec3b6d146f091acee2c8cf44e39ed0fbe26
QUIC: path MTU discovery.

MTU selection starts by doubling the initial MTU until the first failure.
Then binary search is used to find the path MTU.

diff --git a/src/core/ngx_connection.c b/src/core/ngx_connection.c
--- a/src/core/ngx_connection.c
+++ b/src/core/ngx_connection.c
@@ -1583,6 +1583,10 @@ ngx_connection_error(ngx_connection_t *c
     }
 #endif
 
+    if (err == NGX_EMSGSIZE && c->log_error == NGX_ERROR_IGNORE_EMSGSIZE) {
+        return 0;
+    }
+
     if (err == 0
         || err == NGX_ECONNRESET
 #if (NGX_WIN32)
@@ -1600,6 +1604,7 @@ ngx_connection_error(ngx_connection_t *c
     {
         switch (c->log_error) {
 
+        case NGX_ERROR_IGNORE_EMSGSIZE:
         case NGX_ERROR_IGNORE_EINVAL:
         case NGX_ERROR_IGNORE_ECONNRESET:
         case NGX_ERROR_INFO:
diff --git a/src/core/ngx_connection.h b/src/core/ngx_connection.h
--- a/src/core/ngx_connection.h
+++ b/src/core/ngx_connection.h
@@ -97,7 +97,8 @@ typedef enum {
     NGX_ERROR_ERR,
     NGX_ERROR_INFO,
     NGX_ERROR_IGNORE_ECONNRESET,
-    NGX_ERROR_IGNORE_EINVAL
+    NGX_ERROR_IGNORE_EINVAL,
+    NGX_ERROR_IGNORE_EMSGSIZE
 } ngx_connection_log_error_e;
 
 
diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -149,11 +149,6 @@ ngx_quic_apply_transport_params(ngx_conn
         ngx_log_error(NGX_LOG_INFO, c->log, 0,
                       "quic maximum packet size is invalid");
         return NGX_ERROR;
-
-    } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) {
-        ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
-        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
-                       "quic client maximum packet size truncated");
     }
 
     if (ctp->active_connection_id_limit < 2) {
@@ -286,7 +281,7 @@ ngx_quic_new_connection(ngx_connection_t
 
     qc->path_validation.log = c->log;
     qc->path_validation.data = c;
-    qc->path_validation.handler = ngx_quic_path_validation_handler;
+    qc->path_validation.handler = ngx_quic_path_handler;
 
     qc->conf = conf;
 
@@ -297,7 +292,7 @@ ngx_quic_new_connection(ngx_connection_t
     ctp = &qc->ctp;
 
     /* defaults to be used before actual client parameters are received */
-    ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
+    ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE;
     ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT;
     ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY;
     ctp->active_connection_id_limit = 2;
diff --git a/src/event/quic/ngx_event_quic_ack.c b/src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c
+++ b/src/event/quic/ngx_event_quic_ack.c
@@ -229,6 +229,12 @@ ngx_quic_handle_ack_frame_range(ngx_conn
 
     qc = ngx_quic_get_connection(c);
 
+    if (ctx->level == ssl_encryption_application) {
+        if (ngx_quic_handle_path_mtu(c, qc->path, min, max) != NGX_OK) {
+            return NGX_ERROR;
+        }
+    }
+
     st->max_pn = NGX_TIMER_INFINITE;
     found = 0;
 
diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
--- a/src/event/quic/ngx_event_quic_connection.h
+++ b/src/event/quic/ngx_event_quic_connection.h
@@ -66,6 +66,14 @@ typedef struct ngx_quic_keys_s        ng
 #define ngx_quic_get_socket(c)               ((ngx_quic_socket_t *)((c)->udp))
 
 
+typedef enum {
+    NGX_QUIC_PATH_IDLE = 0,
+    NGX_QUIC_PATH_VALIDATING,
+    NGX_QUIC_PATH_WAITING,
+    NGX_QUIC_PATH_MTUD
+} ngx_quic_path_state_e;
+
+
 struct ngx_quic_client_id_s {
     ngx_queue_t                       queue;
     uint64_t                          seqnum;
@@ -89,18 +97,22 @@ struct ngx_quic_path_s {
     ngx_sockaddr_t                    sa;
     socklen_t                         socklen;
     ngx_quic_client_id_t             *cid;
+    ngx_quic_path_state_e             state;
     ngx_msec_t                        expires;
     ngx_uint_t                        tries;
     ngx_uint_t                        tag;
+    size_t                            mtu;
+    size_t                            mtud;
+    size_t                            max_mtu;
     off_t                             sent;
     off_t                             received;
     u_char                            challenge1[8];
     u_char                            challenge2[8];
     uint64_t                          seqnum;
+    uint64_t                          mtu_pnum[NGX_QUIC_PATH_RETRIES];
     ngx_str_t                         addr_text;
     u_char                            text[NGX_SOCKADDR_STRLEN];
-    unsigned                          validated:1;
-    unsigned                          validating:1;
+    ngx_uint_t                        validated; /* unsigned validated:1; */
 };
 
 
diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c
+++ b/src/event/quic/ngx_event_quic_migration.c
@@ -10,6 +10,10 @@
 #include <ngx_event_quic_connection.h>
 
 
+#define NGX_QUIC_PATH_MTU_DELAY       100
+#define NGX_QUIC_PATH_MTU_PRECISION   16
+
+
 static void ngx_quic_set_connection_path(ngx_connection_t *c,
     ngx_quic_path_t *path);
 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
@@ -17,7 +21,15 @@ static ngx_int_t ngx_quic_validate_path(
 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
     ngx_quic_path_t *path);
 static void ngx_quic_set_path_timer(ngx_connection_t *c);
+static ngx_int_t ngx_quic_expire_path_validation(ngx_connection_t *c,
+    ngx_quic_path_t *path);
+static ngx_int_t ngx_quic_expire_path_mtu_delay(ngx_connection_t *c,
+    ngx_quic_path_t *path);
+static ngx_int_t ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c,
+    ngx_quic_path_t *path);
 static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag);
+static ngx_int_t ngx_quic_send_path_mtu_probe(ngx_connection_t *c,
+    ngx_quic_path_t *path);
 
 
 ngx_int_t
@@ -97,7 +109,7 @@ ngx_quic_handle_path_response_frame(ngx_
     {
         path = ngx_queue_data(q, ngx_quic_path_t, queue);
 
-        if (!path->validating) {
+        if (path->state != NGX_QUIC_PATH_VALIDATING) {
             continue;
         }
 
@@ -136,6 +148,9 @@ valid:
         {
             /* address did not change */
             rst = 0;
+
+            path->mtu = prev->mtu;
+            path->max_mtu = prev->max_mtu;
         }
     }
 
@@ -167,9 +182,8 @@ valid:
     ngx_quic_path_dbg(c, "is validated", path);
 
     path->validated = 1;
-    path->validating = 0;
 
-    ngx_quic_set_path_timer(c);
+    ngx_quic_discover_path_mtu(c, path);
 
     return NGX_OK;
 }
@@ -217,6 +231,8 @@ ngx_quic_new_path(ngx_connection_t *c,
     path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
                                         NGX_SOCKADDR_STRLEN, 1);
 
+    path->mtu = NGX_QUIC_MIN_INITIAL_SIZE;
+
     ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
                    "quic path seq:%uL created addr:%V",
                    path->seqnum, &path->addr_text);
@@ -464,7 +480,7 @@ ngx_quic_handle_migration(ngx_connection
 
     ngx_quic_set_connection_path(c, next);
 
-    if (!next->validated && !next->validating) {
+    if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) {
         if (ngx_quic_validate_path(c, next) != NGX_OK) {
             return NGX_ERROR;
         }
@@ -492,7 +508,6 @@ ngx_quic_validate_path(ngx_connection_t 
     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
                    "quic initiated validation of path seq:%uL", path->seqnum);
 
-    path->validating = 1;
     path->tries = 0;
 
     if (RAND_bytes(path->challenge1, 8) != 1) {
@@ -511,6 +526,7 @@ ngx_quic_validate_path(ngx_connection_t 
     pto = ngx_max(ngx_quic_pto(c, ctx), 1000);
 
     path->expires = ngx_current_msec + pto;
+    path->state = NGX_QUIC_PATH_VALIDATING;
 
     ngx_quic_set_path_timer(c);
 
@@ -558,6 +574,42 @@ ngx_quic_send_path_challenge(ngx_connect
 }
 
 
+void
+ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_quic_connection_t  *qc;
+
+    qc = ngx_quic_get_connection(c);
+
+    if (path->max_mtu) {
+        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
+            path->state = NGX_QUIC_PATH_IDLE;
+            ngx_quic_set_path_timer(c);
+            return;
+        }
+
+        path->mtud = (path->mtu + path->max_mtu) / 2;
+
+    } else {
+        path->mtud = path->mtu * 2;
+
+        if (path->mtud >= qc->ctp.max_udp_payload_size) {
+            path->mtud = qc->ctp.max_udp_payload_size;
+            path->max_mtu = qc->ctp.max_udp_payload_size;
+        }
+    }
+
+    path->state = NGX_QUIC_PATH_WAITING;
+    path->expires = ngx_current_msec + NGX_QUIC_PATH_MTU_DELAY;
+
+    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                   "quic path seq:%uL schedule mtu:%uz",
+                   path->seqnum, path->mtud);
+
+    ngx_quic_set_path_timer(c);
+}
+
+
 static void
 ngx_quic_set_path_timer(ngx_connection_t *c)
 {
@@ -578,7 +630,7 @@ ngx_quic_set_path_timer(ngx_connection_t
     {
         path = ngx_queue_data(q, ngx_quic_path_t, queue);
 
-        if (!path->validating) {
+        if (path->state == NGX_QUIC_PATH_IDLE) {
             continue;
         }
 
@@ -600,22 +652,18 @@ ngx_quic_set_path_timer(ngx_connection_t
 
 
 void
-ngx_quic_path_validation_handler(ngx_event_t *ev)
+ngx_quic_path_handler(ngx_event_t *ev)
 {
     ngx_msec_t              now;
     ngx_queue_t            *q;
-    ngx_msec_int_t          left, next, pto;
-    ngx_quic_path_t        *path, *bkp;
+    ngx_msec_int_t          left;
+    ngx_quic_path_t        *path;
     ngx_connection_t       *c;
-    ngx_quic_send_ctx_t    *ctx;
     ngx_quic_connection_t  *qc;
 
     c = ev->data;
     qc = ngx_quic_get_connection(c);
 
-    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
-
-    next = -1;
     now = ngx_current_msec;
 
     q = ngx_queue_head(&qc->paths);
@@ -625,83 +673,280 @@ ngx_quic_path_validation_handler(ngx_eve
         path = ngx_queue_data(q, ngx_quic_path_t, queue);
         q = ngx_queue_next(q);
 
-        if (!path->validating) {
+        if (path->state == NGX_QUIC_PATH_IDLE) {
             continue;
         }
 
         left = path->expires - now;
 
         if (left > 0) {
-
-            if (next == -1 || left < next) {
-                next = left;
-            }
-
-            continue;
-        }
-
-        if (++path->tries < NGX_QUIC_PATH_RETRIES) {
-            pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
-
-            path->expires = ngx_current_msec + pto;
-
-            if (next == -1 || pto < next) {
-                next = pto;
-            }
-
-            /* retransmit */
-            (void) ngx_quic_send_path_challenge(c, path);
-
             continue;
         }
 
-        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
-                       "quic path seq:%uL validation failed", path->seqnum);
-
-        /* found expired path */
-
-        path->validated = 0;
-        path->validating = 0;
-
-
-        /* RFC 9000, 9.3.2.  On-Path Address Spoofing
-         *
-         * To protect the connection from failing due to such a spurious
-         * migration, an endpoint MUST revert to using the last validated
-         * peer address when validation of a new peer address fails.
-         */
-
-        if (qc->path == path) {
-            /* active path validation failed */
-
-            bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
-
-            if (bkp == NULL) {
-                qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
-                qc->error_reason = "no viable path";
-                ngx_quic_close_connection(c, NGX_ERROR);
-                return;
+        switch (path->state) {
+        case NGX_QUIC_PATH_VALIDATING:
+            if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
+                goto failed;
             }
 
-            qc->path = bkp;
-            qc->path->tag = NGX_QUIC_PATH_ACTIVE;
+            break;
 
-            ngx_quic_set_connection_path(c, qc->path);
+        case NGX_QUIC_PATH_WAITING:
+            if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
+                goto failed;
+            }
+
+            break;
 
-            ngx_log_error(NGX_LOG_INFO, c->log, 0,
-                          "quic path seq:%uL addr:%V is restored from backup",
-                          qc->path->seqnum, &qc->path->addr_text);
+        case NGX_QUIC_PATH_MTUD:
+            if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
+                goto failed;
+            }
 
-            ngx_quic_path_dbg(c, "is active", qc->path);
-        }
+            break;
 
-        if (ngx_quic_free_path(c, path) != NGX_OK) {
-            ngx_quic_close_connection(c, NGX_ERROR);
-            return;
+        default:
+            break;
         }
     }
 
-    if (next != -1) {
-        ngx_add_timer(&qc->path_validation, next);
+    ngx_quic_set_path_timer(c);
+
+    return;
+
+failed:
+
+    ngx_quic_close_connection(c, NGX_ERROR);
+}
+
+
+static ngx_int_t
+ngx_quic_expire_path_validation(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_msec_int_t          pto;
+    ngx_quic_path_t        *bkp;
+    ngx_quic_send_ctx_t    *ctx;
+    ngx_quic_connection_t  *qc;
+
+    qc = ngx_quic_get_connection(c);
+    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
+
+    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
+        pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
+        path->expires = ngx_current_msec + pto;
+
+        (void) ngx_quic_send_path_challenge(c, path);
+
+        return NGX_OK;
+    }
+
+    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                   "quic path seq:%uL validation failed", path->seqnum);
+
+    /* found expired path */
+
+    path->validated = 0;
+
+
+    /* RFC 9000, 9.3.2.  On-Path Address Spoofing
+     *
+     * To protect the connection from failing due to such a spurious
+     * migration, an endpoint MUST revert to using the last validated
+     * peer address when validation of a new peer address fails.
+     */
+
+    if (qc->path == path) {
+        /* active path validation failed */
+
+        bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
+
+        if (bkp == NULL) {
+            qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
+            qc->error_reason = "no viable path";
+            return NGX_ERROR;
+        }
+
+        qc->path = bkp;
+        qc->path->tag = NGX_QUIC_PATH_ACTIVE;
+
+        ngx_quic_set_connection_path(c, qc->path);
+
+        ngx_log_error(NGX_LOG_INFO, c->log, 0,
+                      "quic path seq:%uL addr:%V is restored from backup",
+                      qc->path->seqnum, &qc->path->addr_text);
+
+        ngx_quic_path_dbg(c, "is active", qc->path);
+    }
+
+    return ngx_quic_free_path(c, path);
+}
+
+
+static ngx_int_t
+ngx_quic_expire_path_mtu_delay(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_int_t               rc;
+    ngx_uint_t              i;
+    ngx_msec_t              pto;
+    ngx_quic_send_ctx_t    *ctx;
+    ngx_quic_connection_t  *qc;
+
+    qc = ngx_quic_get_connection(c);
+    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
+
+    path->tries = 0;
+
+    for ( ;; ) {
+
+        for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
+            path->mtu_pnum[i] = NGX_QUIC_UNSET_PN;
+        }
+
+        rc = ngx_quic_send_path_mtu_probe(c, path);
+
+        if (rc == NGX_ERROR) {
+            return NGX_ERROR;
+        }
+
+        if (rc == NGX_OK) {
+            pto = ngx_quic_pto(c, ctx);
+            path->expires = ngx_current_msec + pto;
+            path->state = NGX_QUIC_PATH_MTUD;
+            return NGX_OK;
+        }
+
+        /* rc == NGX_DECLINED */
+
+        path->max_mtu = path->mtud;
+
+        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
+            path->state = NGX_QUIC_PATH_IDLE;
+            return NGX_OK;
+        }
+
+        path->mtud = (path->mtu + path->max_mtu) / 2;
     }
 }
+
+
+static ngx_int_t
+ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_int_t               rc;
+    ngx_msec_int_t          pto;
+    ngx_quic_send_ctx_t    *ctx;
+    ngx_quic_connection_t  *qc;
+
+    qc = ngx_quic_get_connection(c);
+    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
+
+    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
+        rc = ngx_quic_send_path_mtu_probe(c, path);
+
+        if (rc == NGX_ERROR) {
+            return NGX_ERROR;
+        }
+
+        if (rc == NGX_OK) {
+            pto = ngx_quic_pto(c, ctx) << path->tries;
+            path->expires = ngx_current_msec + pto;
+            return NGX_OK;
+        }
+
+        /* rc == NGX_DECLINED */
+    }
+
+    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                   "quic path seq:%uL expired mtu:%uz",
+                   path->seqnum, path->mtud);
+
+    path->max_mtu = path->mtud;
+
+    ngx_quic_discover_path_mtu(c, path);
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_quic_send_path_mtu_probe(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_int_t               rc;
+    ngx_uint_t              log_error;
+    ngx_quic_frame_t        frame;
+    ngx_quic_send_ctx_t    *ctx;
+    ngx_quic_connection_t  *qc;
+
+    ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
+
+    frame.level = ssl_encryption_application;
+    frame.type = NGX_QUIC_FT_PING;
+
+    qc = ngx_quic_get_connection(c);
+    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
+    path->mtu_pnum[path->tries] = ctx->pnum;
+
+    ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                   "quic path seq:%uL send probe "
+                   "mtu:%uz pnum:%uL tries:%ui",
+                   path->seqnum, path->mtud, ctx->pnum, path->tries);
+
+    log_error = c->log_error;
+    c->log_error = NGX_ERROR_IGNORE_EMSGSIZE;
+
+    rc = ngx_quic_frame_sendto(c, &frame, path->mtud, path);
+    c->log_error = log_error;
+
+    if (rc == NGX_ERROR) {
+        if (c->write->error) {
+            c->write->error = 0;
+
+            ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                           "quic path seq:%uL rejected mtu:%uz",
+                           path->seqnum, path->mtud);
+
+            return NGX_DECLINED;
+        }
+
+        return NGX_ERROR;
+    }
+
+    return NGX_OK;
+}
+
+
+ngx_int_t
+ngx_quic_handle_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path,
+    uint64_t min, uint64_t max)
+{
+    uint64_t    pnum;
+    ngx_uint_t  i;
+
+    if (path->state != NGX_QUIC_PATH_MTUD) {
+        return NGX_OK;
+    }
+
+    for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
+        pnum = path->mtu_pnum[i];
+
+        if (pnum == NGX_QUIC_UNSET_PN) {
+            break;
+        }
+
+        if (pnum < min || pnum > max) {
+            continue;
+        }
+
+        path->mtu = path->mtud;
+
+        ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                       "quic path seq:%uL ack mtu:%uz",
+                       path->seqnum, path->mtu);
+
+        ngx_quic_discover_path_mtu(c, path);
+
+        break;
+    }
+
+    return NGX_OK;
+}
diff --git a/src/event/quic/ngx_event_quic_migration.h b/src/event/quic/ngx_event_quic_migration.h
--- a/src/event/quic/ngx_event_quic_migration.h
+++ b/src/event/quic/ngx_event_quic_migration.h
@@ -18,10 +18,10 @@
 #define NGX_QUIC_PATH_BACKUP    2
 
 #define ngx_quic_path_dbg(c, msg, path)                                       \
-    ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
-                   "quic path seq:%uL %s sent:%O recvd:%O state:%s%s",        \
+    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
+                   "quic path seq:%uL %s tx:%O rx:%O valid:%ui st:%d mtu:%uz",\
                    path->seqnum, msg, path->sent, path->received,             \
-                   path->validated ? "V": "N", path->validating ? "R": "");
+                   path->validated, path->state, path->mtu);
 
 ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
     ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f);
@@ -36,6 +36,10 @@ ngx_int_t ngx_quic_set_path(ngx_connecti
 ngx_int_t ngx_quic_handle_migration(ngx_connection_t *c,
     ngx_quic_header_t *pkt);
 
-void ngx_quic_path_validation_handler(ngx_event_t *ev);
+void ngx_quic_path_handler(ngx_event_t *ev);
+
+void ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path);
+ngx_int_t ngx_quic_handle_path_mtu(ngx_connection_t *c,
+    ngx_quic_path_t *path, uint64_t min, uint64_t max);
 
 #endif /* _NGX_EVENT_QUIC_MIGRATION_H_INCLUDED_ */
diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c
+++ b/src/event/quic/ngx_event_quic_output.c
@@ -10,9 +10,6 @@
 #include <ngx_event_quic_connection.h>
 
 
-#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT   1252
-#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT6  1232
-
 #define NGX_QUIC_MAX_UDP_SEGMENT_BUF  65487 /* 65K - IPv6 header */
 #define NGX_QUIC_MAX_SEGMENTS            64 /* UDP_MAX_SEGMENTS */
 
@@ -61,21 +58,6 @@ static size_t ngx_quic_path_limit(ngx_co
     size_t size);
 
 
-size_t
-ngx_quic_max_udp_payload(ngx_connection_t *c)
-{
-    /* TODO: path MTU discovery */
-
-#if (NGX_HAVE_INET6)
-    if (c->sockaddr->sa_family == AF_INET6) {
-        return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6;
-    }
-#endif
-
-    return NGX_QUIC_MAX_UDP_PAYLOAD_OUT;
-}
-
-
 ngx_int_t
 ngx_quic_output(ngx_connection_t *c)
 {
@@ -142,10 +124,7 @@ ngx_quic_create_datagrams(ngx_connection
 
         p = dst;
 
-        len = ngx_min(qc->ctp.max_udp_payload_size,
-                      NGX_QUIC_MAX_UDP_PAYLOAD_SIZE);
-
-        len = ngx_quic_path_limit(c, path, len);
+        len = ngx_quic_path_limit(c, path, path->mtu);
 
         pad = ngx_quic_get_padding_level(c);
 
@@ -299,9 +278,7 @@ ngx_quic_allow_segmentation(ngx_connecti
     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
 
     bytes = 0;
-
-    len = ngx_min(qc->ctp.max_udp_payload_size,
-                  NGX_QUIC_MAX_UDP_SEGMENT_BUF);
+    len = ngx_min(qc->path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
 
     for (q = ngx_queue_head(&ctx->frames);
          q != ngx_queue_sentinel(&ctx->frames);
@@ -345,8 +322,7 @@ ngx_quic_create_segments(ngx_connection_
         return NGX_ERROR;
     }
 
-    segsize = ngx_min(qc->ctp.max_udp_payload_size,
-                      NGX_QUIC_MAX_UDP_SEGMENT_BUF);
+    segsize = ngx_min(path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
     p = dst;
     end = dst + sizeof(dst);
 
diff --git a/src/event/quic/ngx_event_quic_output.h b/src/event/quic/ngx_event_quic_output.h
--- a/src/event/quic/ngx_event_quic_output.h
+++ b/src/event/quic/ngx_event_quic_output.h
@@ -12,8 +12,6 @@
 #include <ngx_core.h>
 
 
-size_t ngx_quic_max_udp_payload(ngx_connection_t *c);
-
 ngx_int_t ngx_quic_output(ngx_connection_t *c);
 
 ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c,
diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -494,6 +494,8 @@ ngx_quic_crypto_input(ngx_connection_t *
      */
     ngx_quic_discard_ctx(c, ssl_encryption_handshake);
 
+    ngx_quic_discover_path_mtu(c, qc->path);
+
     /* start accepting clients on negotiated number of server ids */
     if (ngx_quic_create_sockets(c) != NGX_OK) {
         return NGX_ERROR;
diff --git a/src/os/unix/ngx_errno.h b/src/os/unix/ngx_errno.h
--- a/src/os/unix/ngx_errno.h
+++ b/src/os/unix/ngx_errno.h
@@ -54,6 +54,7 @@ typedef int               ngx_err_t;
 #define NGX_ENOMOREFILES  0
 #define NGX_ELOOP         ELOOP
 #define NGX_EBADF         EBADF
+#define NGX_EMSGSIZE      EMSGSIZE
 
 #if (NGX_HAVE_OPENAT)
 #define NGX_EMLINK        EMLINK
diff --git a/src/os/win32/ngx_errno.h b/src/os/win32/ngx_errno.h
--- a/src/os/win32/ngx_errno.h
+++ b/src/os/win32/ngx_errno.h
@@ -57,6 +57,7 @@ typedef DWORD                      ngx_e
 #define NGX_EILSEQ                 ERROR_NO_UNICODE_TRANSLATION
 #define NGX_ELOOP                  0
 #define NGX_EBADF                  WSAEBADF
+#define NGX_EMSGSIZE               WSAEMSGSIZE
 
 #define NGX_EALREADY               WSAEALREADY
 #define NGX_EINVAL                 WSAEINVAL

From arut at nginx.com  Mon Aug 14 14:01:02 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:02 +0000
Subject: [nginx] QUIC: optimized ACK delay.
Message-ID: <hg.a90f79792b5d.1692021662.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/a90f79792b5d
branches:  
changeset: 9138:a90f79792b5d
user:      Roman Arutyunyan <arut at nginx.com>
date:      Thu Jul 27 16:37:17 2023 +0400
description:
QUIC: optimized ACK delay.

Previously ACK was not generated if max_ack_delay was not yet expired and the
number of unacknowledged ack-eliciting packets was less than two, as allowed by
RFC 9000 13.2.1-13.2.2.  However this only makes sense to avoid sending ACK-only
packets, as explained by the RFC:

  On the other hand, reducing the frequency of packets that carry only
  acknowledgments reduces packet transmission and processing cost at both
  endpoints.

Now ACK is delayed only if output frame queue is empty.  Otherwise ACK is sent
immediately, which significantly improves QUIC performance with certain tests.

diffstat:

 src/event/quic/ngx_event_quic_ack.c |  3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diffs (13 lines):

diff -r 0ba26c99b3a1 -r a90f79792b5d src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c	Wed Jun 21 01:29:53 2023 +0300
+++ b/src/event/quic/ngx_event_quic_ack.c	Thu Jul 27 16:37:17 2023 +0400
@@ -1171,7 +1171,8 @@ ngx_quic_generate_ack(ngx_connection_t *
         delay = ngx_current_msec - ctx->ack_delay_start;
         qc = ngx_quic_get_connection(c);
 
-        if (ctx->send_ack < NGX_QUIC_MAX_ACK_GAP
+        if (ngx_queue_empty(&ctx->frames)
+            && ctx->send_ack < NGX_QUIC_MAX_ACK_GAP
             && delay < qc->tp.max_ack_delay)
         {
             if (!qc->push.timer_set && !qc->closing) {

From arut at nginx.com  Mon Aug 14 14:01:05 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:05 +0000
Subject: [nginx] QUIC: always add ACK frame to the queue head.
Message-ID: <hg.d7dec2970161.1692021665.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/d7dec2970161
branches:  
changeset: 9139:d7dec2970161
user:      Roman Arutyunyan <arut at nginx.com>
date:      Thu Aug 10 20:11:29 2023 +0400
description:
QUIC: always add ACK frame to the queue head.

Previously it was added to the tail as all other frames.  However, if the
amount of queued data is large, it could delay the delivery of ACK, which
could trigger frames retransmissions and slow down the connection.

diffstat:

 src/event/quic/ngx_event_quic_output.c |  3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diffs (14 lines):

diff -r a90f79792b5d -r d7dec2970161 src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c	Thu Jul 27 16:37:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic_output.c	Thu Aug 10 20:11:29 2023 +0400
@@ -1174,8 +1174,9 @@ ngx_quic_send_ack(ngx_connection_t *c, n
     frame->u.ack.delay = ack_delay;
     frame->u.ack.range_count = ctx->nranges;
     frame->u.ack.first_range = ctx->first_range;
+    frame->len = ngx_quic_create_frame(NULL, frame);
 
-    ngx_quic_queue_frame(qc, frame);
+    ngx_queue_insert_head(&ctx->frames, &frame->queue);
 
     return NGX_OK;
 }

From arut at nginx.com  Mon Aug 14 14:01:08 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:08 +0000
Subject: [nginx] QUIC: fixed congesion control in GSO mode.
Message-ID: <hg.e9a003d40485.1692021668.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/e9a003d40485
branches:  
changeset: 9140:e9a003d40485
user:      Roman Arutyunyan <arut at nginx.com>
date:      Thu Jul 27 13:35:42 2023 +0400
description:
QUIC: fixed congesion control in GSO mode.

In non-GSO mode, a datagram is sent if congestion window is not exceeded by the
time of send.  The window could be exceeded by a small amount after the send.
In GSO mode, congestion window was checked in a similar way, but for all
concatenated datagrams as a whole.  This could result in exceeding congestion
window by a lot.  Now congestion window is checked for every datagram in GSO
mode as well.

diffstat:

 src/event/quic/ngx_event_quic_output.c |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff -r d7dec2970161 -r e9a003d40485 src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c	Thu Aug 10 20:11:29 2023 +0400
+++ b/src/event/quic/ngx_event_quic_output.c	Thu Jul 27 13:35:42 2023 +0400
@@ -358,7 +358,7 @@ ngx_quic_create_segments(ngx_connection_
 
         len = ngx_min(segsize, (size_t) (end - p));
 
-        if (len && cg->in_flight < cg->window) {
+        if (len && cg->in_flight + (p - dst) < cg->window) {
 
             n = ngx_quic_output_packet(c, ctx, p, len, len);
             if (n == NGX_ERROR) {

From arut at nginx.com  Mon Aug 14 14:01:11 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:11 +0000
Subject: [nginx] QUIC: avoid accessing freed frame.
Message-ID: <hg.5d1e7c74aadf.1692021671.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/5d1e7c74aadf
branches:  
changeset: 9141:5d1e7c74aadf
user:      Roman Arutyunyan <arut at nginx.com>
date:      Tue Aug 01 11:20:04 2023 +0400
description:
QUIC: avoid accessing freed frame.

Previously the field pnum of a potentially freed frame was accessed.  Now the
value is copied to a local variable.  The old behavior did not cause any
problems since the frame memory is not freed, but is moved to a free queue
instead.

diffstat:

 src/event/quic/ngx_event_quic_ack.c |  4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diffs (28 lines):

diff -r e9a003d40485 -r 5d1e7c74aadf src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c	Thu Jul 27 13:35:42 2023 +0400
+++ b/src/event/quic/ngx_event_quic_ack.c	Tue Aug 01 11:20:04 2023 +0400
@@ -548,6 +548,7 @@ ngx_quic_persistent_congestion(ngx_conne
 void
 ngx_quic_resend_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx)
 {
+    uint64_t                pnum;
     ngx_queue_t            *q;
     ngx_quic_frame_t       *f, *start;
     ngx_quic_stream_t      *qs;
@@ -556,6 +557,7 @@ ngx_quic_resend_frames(ngx_connection_t 
     qc = ngx_quic_get_connection(c);
     q = ngx_queue_head(&ctx->sent);
     start = ngx_queue_data(q, ngx_quic_frame_t, queue);
+    pnum = start->pnum;
 
     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
                    "quic resend packet pnum:%uL", start->pnum);
@@ -565,7 +567,7 @@ ngx_quic_resend_frames(ngx_connection_t 
     do {
         f = ngx_queue_data(q, ngx_quic_frame_t, queue);
 
-        if (f->pnum != start->pnum) {
+        if (f->pnum != pnum) {
             break;
         }
 

From arut at nginx.com  Mon Aug 14 14:01:14 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:14 +0000
Subject: [nginx] QUIC: fixed PTO expiration condition.
Message-ID: <hg.7e8ee4b7cbf4.1692021674.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/7e8ee4b7cbf4
branches:  
changeset: 9142:7e8ee4b7cbf4
user:      Roman Arutyunyan <arut at nginx.com>
date:      Tue Aug 01 11:21:59 2023 +0400
description:
QUIC: fixed PTO expiration condition.

Previously, PTO handler analyzed the first packet in the sent queue for the
timeout expiration.  However, the last sent packet should be analyzed instead.
An example is timeout calculation in ngx_quic_set_lost_timer().

diffstat:

 src/event/quic/ngx_event_quic_ack.c |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff -r 5d1e7c74aadf -r 7e8ee4b7cbf4 src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c	Tue Aug 01 11:20:04 2023 +0400
+++ b/src/event/quic/ngx_event_quic_ack.c	Tue Aug 01 11:21:59 2023 +0400
@@ -840,7 +840,7 @@ ngx_quic_pto_handler(ngx_event_t *ev)
             continue;
         }
 
-        q = ngx_queue_head(&ctx->sent);
+        q = ngx_queue_last(&ctx->sent);
         f = ngx_queue_data(q, ngx_quic_frame_t, queue);
 
         if (f->pnum <= ctx->largest_ack

From arut at nginx.com  Mon Aug 14 14:01:17 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:17 +0000
Subject: [nginx] QUIC: fixed probe-congestion deadlock.
Message-ID: <hg.48691bab4474.1692021677.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/48691bab4474
branches:  
changeset: 9143:48691bab4474
user:      Roman Arutyunyan <arut at nginx.com>
date:      Mon Aug 14 08:28:30 2023 +0400
description:
QUIC: fixed probe-congestion deadlock.

When probe timeout expired while congestion window was exhausted, probe PINGs
could not be sent.  As a result, lost packets could not be declared lost and
congestion window could not be freed for new packets.  This deadlock
continued until connection idle timeout expiration.

Now PINGs are sent separately from the frame queue without congestion control,
as specified by RFC 9002, Section 7:

  An endpoint MUST NOT send a packet if it would cause bytes_in_flight
  (see Appendix B.2) to be larger than the congestion window, unless the
  packet is sent on a PTO timer expiration (see Section 6.2) or when entering
  recovery (see Section 7.3.2).

diffstat:

 src/event/quic/ngx_event_quic_ack.c       |  64 +++++-------------------------
 src/event/quic/ngx_event_quic_output.c    |   4 -
 src/event/quic/ngx_event_quic_transport.h |   1 -
 3 files changed, 12 insertions(+), 57 deletions(-)

diffs (114 lines):

diff -r 7e8ee4b7cbf4 -r 48691bab4474 src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c	Tue Aug 01 11:21:59 2023 +0400
+++ b/src/event/quic/ngx_event_quic_ack.c	Mon Aug 14 08:28:30 2023 +0400
@@ -820,9 +820,9 @@ ngx_quic_pto_handler(ngx_event_t *ev)
 {
     ngx_uint_t              i;
     ngx_msec_t              now;
-    ngx_queue_t            *q, *next;
+    ngx_queue_t            *q;
     ngx_connection_t       *c;
-    ngx_quic_frame_t       *f;
+    ngx_quic_frame_t       *f, frame;
     ngx_quic_send_ctx_t    *ctx;
     ngx_quic_connection_t  *qc;
 
@@ -859,63 +859,23 @@ ngx_quic_pto_handler(ngx_event_t *ev)
                        "quic pto %s pto_count:%ui",
                        ngx_quic_level_name(ctx->level), qc->pto_count);
 
-        for (q = ngx_queue_head(&ctx->frames);
-             q != ngx_queue_sentinel(&ctx->frames);
-             /* void */)
-        {
-            next = ngx_queue_next(q);
-            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
+        ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
 
-            if (f->type == NGX_QUIC_FT_PING) {
-                ngx_queue_remove(q);
-                ngx_quic_free_frame(c, f);
-            }
-
-            q = next;
-        }
-
-        for (q = ngx_queue_head(&ctx->sent);
-             q != ngx_queue_sentinel(&ctx->sent);
-             /* void */)
-        {
-            next = ngx_queue_next(q);
-            f = ngx_queue_data(q, ngx_quic_frame_t, queue);
+        frame.level = ctx->level;
+        frame.type = NGX_QUIC_FT_PING;
 
-            if (f->type == NGX_QUIC_FT_PING) {
-                ngx_quic_congestion_lost(c, f);
-                ngx_queue_remove(q);
-                ngx_quic_free_frame(c, f);
-            }
-
-            q = next;
-        }
-
-        /* enforce 2 udp datagrams */
-
-        f = ngx_quic_alloc_frame(c);
-        if (f == NULL) {
-            break;
+        if (ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK
+            || ngx_quic_frame_sendto(c, &frame, 0, qc->path) != NGX_OK)
+        {
+            ngx_quic_close_connection(c, NGX_ERROR);
+            return;
         }
-
-        f->level = ctx->level;
-        f->type = NGX_QUIC_FT_PING;
-        f->flush = 1;
-
-        ngx_quic_queue_frame(qc, f);
-
-        f = ngx_quic_alloc_frame(c);
-        if (f == NULL) {
-            break;
-        }
-
-        f->level = ctx->level;
-        f->type = NGX_QUIC_FT_PING;
-
-        ngx_quic_queue_frame(qc, f);
     }
 
     qc->pto_count++;
 
+    ngx_quic_set_lost_timer(c);
+
     ngx_quic_connstate_dbg(c);
 }
 
diff -r 7e8ee4b7cbf4 -r 48691bab4474 src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c	Tue Aug 01 11:21:59 2023 +0400
+++ b/src/event/quic/ngx_event_quic_output.c	Mon Aug 14 08:28:30 2023 +0400
@@ -631,10 +631,6 @@ ngx_quic_output_packet(ngx_connection_t 
         f->plen = 0;
 
         nframes++;
-
-        if (f->flush) {
-            break;
-        }
     }
 
     if (nframes == 0) {
diff -r 7e8ee4b7cbf4 -r 48691bab4474 src/event/quic/ngx_event_quic_transport.h
--- a/src/event/quic/ngx_event_quic_transport.h	Tue Aug 01 11:21:59 2023 +0400
+++ b/src/event/quic/ngx_event_quic_transport.h	Mon Aug 14 08:28:30 2023 +0400
@@ -271,7 +271,6 @@ struct ngx_quic_frame_s {
     ssize_t                                     len;
     unsigned                                    need_ack:1;
     unsigned                                    pkt_need_ack:1;
-    unsigned                                    flush:1;
 
     ngx_chain_t                                *data;
     union {

From arut at nginx.com  Mon Aug 14 14:01:20 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:20 +0000
Subject: [nginx] QUIC: removed path->limited flag.
Message-ID: <hg.bba136612fe4.1692021680.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/bba136612fe4
branches:  
changeset: 9144:bba136612fe4
user:      Roman Arutyunyan <arut at nginx.com>
date:      Thu Jul 06 17:49:01 2023 +0400
description:
QUIC: removed path->limited flag.

Its value is the opposite of path->validated.

diffstat:

 src/event/quic/ngx_event_quic.c            |  1 -
 src/event/quic/ngx_event_quic_connection.h |  1 -
 src/event/quic/ngx_event_quic_migration.c  |  4 ----
 src/event/quic/ngx_event_quic_migration.h  |  7 +++----
 src/event/quic/ngx_event_quic_output.c     |  4 ++--
 src/event/quic/ngx_event_quic_socket.c     |  1 -
 6 files changed, 5 insertions(+), 13 deletions(-)

diffs (100 lines):

diff -r 48691bab4474 -r bba136612fe4 src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c	Mon Aug 14 08:28:30 2023 +0400
+++ b/src/event/quic/ngx_event_quic.c	Thu Jul 06 17:49:01 2023 +0400
@@ -1013,7 +1013,6 @@ ngx_quic_handle_payload(ngx_connection_t
 
         if (!qc->path->validated) {
             qc->path->validated = 1;
-            qc->path->limited = 0;
             ngx_quic_path_dbg(c, "in handshake", qc->path);
             ngx_post_event(&qc->push, &ngx_posted_events);
         }
diff -r 48691bab4474 -r bba136612fe4 src/event/quic/ngx_event_quic_connection.h
--- a/src/event/quic/ngx_event_quic_connection.h	Mon Aug 14 08:28:30 2023 +0400
+++ b/src/event/quic/ngx_event_quic_connection.h	Thu Jul 06 17:49:01 2023 +0400
@@ -101,7 +101,6 @@ struct ngx_quic_path_s {
     u_char                            text[NGX_SOCKADDR_STRLEN];
     unsigned                          validated:1;
     unsigned                          validating:1;
-    unsigned                          limited:1;
 };
 
 
diff -r 48691bab4474 -r bba136612fe4 src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c	Mon Aug 14 08:28:30 2023 +0400
+++ b/src/event/quic/ngx_event_quic_migration.c	Thu Jul 06 17:49:01 2023 +0400
@@ -168,7 +168,6 @@ valid:
 
     path->validated = 1;
     path->validating = 0;
-    path->limited = 0;
 
     ngx_quic_set_path_timer(c);
 
@@ -208,8 +207,6 @@ ngx_quic_new_path(ngx_connection_t *c,
     path->cid = cid;
     cid->used = 1;
 
-    path->limited = 1;
-
     path->seqnum = qc->path_seqnum++;
 
     path->sockaddr = &path->sa.sockaddr;
@@ -665,7 +662,6 @@ ngx_quic_path_validation_handler(ngx_eve
 
         path->validated = 0;
         path->validating = 0;
-        path->limited = 1;
 
 
         /* RFC 9000, 9.3.2.  On-Path Address Spoofing
diff -r 48691bab4474 -r bba136612fe4 src/event/quic/ngx_event_quic_migration.h
--- a/src/event/quic/ngx_event_quic_migration.h	Mon Aug 14 08:28:30 2023 +0400
+++ b/src/event/quic/ngx_event_quic_migration.h	Thu Jul 06 17:49:01 2023 +0400
@@ -18,11 +18,10 @@
 #define NGX_QUIC_PATH_BACKUP    2
 
 #define ngx_quic_path_dbg(c, msg, path)                                       \
-    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
-                   "quic path seq:%uL %s sent:%O recvd:%O state:%s%s%s",      \
+    ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
+                   "quic path seq:%uL %s sent:%O recvd:%O state:%s%s",        \
                    path->seqnum, msg, path->sent, path->received,             \
-                   path->limited ? "L" : "", path->validated ? "V": "N",      \
-                   path->validating ? "R": "");
+                   path->validated ? "V": "N", path->validating ? "R": "");
 
 ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
     ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f);
diff -r 48691bab4474 -r bba136612fe4 src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c	Mon Aug 14 08:28:30 2023 +0400
+++ b/src/event/quic/ngx_event_quic_output.c	Thu Jul 06 17:49:01 2023 +0400
@@ -281,7 +281,7 @@ ngx_quic_allow_segmentation(ngx_connecti
         return 0;
     }
 
-    if (qc->path->limited) {
+    if (!qc->path->validated) {
         /* don't even try to be faster on non-validated paths */
         return 0;
     }
@@ -1275,7 +1275,7 @@ ngx_quic_path_limit(ngx_connection_t *c,
 {
     off_t  max;
 
-    if (path->limited) {
+    if (!path->validated) {
         max = path->received * 3;
         max = (path->sent >= max) ? 0 : max - path->sent;
 
diff -r 48691bab4474 -r bba136612fe4 src/event/quic/ngx_event_quic_socket.c
--- a/src/event/quic/ngx_event_quic_socket.c	Mon Aug 14 08:28:30 2023 +0400
+++ b/src/event/quic/ngx_event_quic_socket.c	Thu Jul 06 17:49:01 2023 +0400
@@ -82,7 +82,6 @@ ngx_quic_open_sockets(ngx_connection_t *
 
     if (pkt->validated) {
         qc->path->validated = 1;
-        qc->path->limited = 0;
     }
 
     ngx_quic_path_dbg(c, "set active", qc->path);

From arut at nginx.com  Mon Aug 14 14:01:22 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:22 +0000
Subject: [nginx] QUIC: removed explicit packet padding for certain frames.
Message-ID: <hg.93aee926d27f.1692021682.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/93aee926d27f
branches:  
changeset: 9145:93aee926d27f
user:      Roman Arutyunyan <arut at nginx.com>
date:      Thu Jul 06 11:30:47 2023 +0400
description:
QUIC: removed explicit packet padding for certain frames.

The frames for which the padding is removed are PATH_CHALLENGE and
PATH_RESPONSE, which are sent separately by ngx_quic_frame_sendto().

diffstat:

 src/event/quic/ngx_event_quic_output.c |  30 +-----------------------------
 1 files changed, 1 insertions(+), 29 deletions(-)

diffs (54 lines):

diff -r bba136612fe4 -r 93aee926d27f src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c	Thu Jul 06 17:49:01 2023 +0400
+++ b/src/event/quic/ngx_event_quic_output.c	Thu Jul 06 11:30:47 2023 +0400
@@ -525,7 +525,7 @@ ngx_quic_output_packet(ngx_connection_t 
     ssize_t                 flen;
     ngx_str_t               res;
     ngx_int_t               rc;
-    ngx_uint_t              nframes, expand;
+    ngx_uint_t              nframes;
     ngx_msec_t              now;
     ngx_queue_t            *q;
     ngx_quic_frame_t       *f;
@@ -560,7 +560,6 @@ ngx_quic_output_packet(ngx_connection_t 
     nframes = 0;
     p = src;
     len = 0;
-    expand = 0;
 
     for (q = ngx_queue_head(&ctx->frames);
          q != ngx_queue_sentinel(&ctx->frames);
@@ -568,33 +567,6 @@ ngx_quic_output_packet(ngx_connection_t 
     {
         f = ngx_queue_data(q, ngx_quic_frame_t, queue);
 
-        if (!expand && (f->type == NGX_QUIC_FT_PATH_RESPONSE
-                        || f->type == NGX_QUIC_FT_PATH_CHALLENGE))
-        {
-            /*
-             * RFC 9000, 8.2.1.  Initiating Path Validation
-             *
-             * An endpoint MUST expand datagrams that contain a
-             * PATH_CHALLENGE frame to at least the smallest allowed
-             * maximum datagram size of 1200 bytes...
-             *
-             * (same applies to PATH_RESPONSE frames)
-             */
-
-            if (max < 1200) {
-                /* expanded packet will not fit */
-                break;
-            }
-
-            if (min < 1200) {
-                min = 1200;
-
-                min_payload = ngx_quic_payload_size(&pkt, min);
-            }
-
-            expand = 1;
-        }
-
         if (len >= max_payload) {
             break;
         }

From arut at nginx.com  Mon Aug 14 14:01:25 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:25 +0000
Subject: [nginx] QUIC: allowed ngx_quic_frame_sendto() to return NGX_AGAIN.
Message-ID: <hg.f3412ec3b6d1.1692021685.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/f3412ec3b6d1
branches:  
changeset: 9146:f3412ec3b6d1
user:      Roman Arutyunyan <arut at nginx.com>
date:      Tue Aug 08 10:43:17 2023 +0400
description:
QUIC: allowed ngx_quic_frame_sendto() to return NGX_AGAIN.

Previously, NGX_AGAIN returned by ngx_quic_send() was treated by
ngx_quic_frame_sendto() as error, which triggered errors in its callers.
However, a blocked socket is not an error.  Now NGX_AGAIN is passed as is to
the ngx_quic_frame_sendto() callers, which can safely ignore it.

diffstat:

 src/event/quic/ngx_event_quic_migration.c |  6 +++---
 src/event/quic/ngx_event_quic_output.c    |  2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diffs (40 lines):

diff -r 93aee926d27f -r f3412ec3b6d1 src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c	Thu Jul 06 11:30:47 2023 +0400
+++ b/src/event/quic/ngx_event_quic_migration.c	Tue Aug 08 10:43:17 2023 +0400
@@ -46,7 +46,7 @@ ngx_quic_handle_path_challenge_frame(ngx
      * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
      * to at least the smallest allowed maximum datagram size of 1200 bytes.
      */
-    if (ngx_quic_frame_sendto(c, &frame, 1200, pkt->path) != NGX_OK) {
+    if (ngx_quic_frame_sendto(c, &frame, 1200, pkt->path) == NGX_ERROR) {
         return NGX_ERROR;
     }
 
@@ -544,13 +544,13 @@ ngx_quic_send_path_challenge(ngx_connect
      */
 
      /* same applies to PATH_RESPONSE frames */
-    if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) {
+    if (ngx_quic_frame_sendto(c, &frame, 1200, path) == NGX_ERROR) {
         return NGX_ERROR;
     }
 
     ngx_memcpy(frame.u.path_challenge.data, path->challenge2, 8);
 
-    if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) {
+    if (ngx_quic_frame_sendto(c, &frame, 1200, path) == NGX_ERROR) {
         return NGX_ERROR;
     }
 
diff -r 93aee926d27f -r f3412ec3b6d1 src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c	Thu Jul 06 11:30:47 2023 +0400
+++ b/src/event/quic/ngx_event_quic_output.c	Tue Aug 08 10:43:17 2023 +0400
@@ -1233,7 +1233,7 @@ ngx_quic_frame_sendto(ngx_connection_t *
 
     sent = ngx_quic_send(c, res.data, res.len, path->sockaddr, path->socklen);
     if (sent < 0) {
-        return NGX_ERROR;
+        return sent;
     }
 
     path->sent += sent;

From arut at nginx.com  Mon Aug 14 14:01:28 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Mon, 14 Aug 2023 14:01:28 +0000
Subject: [nginx] QUIC: path MTU discovery.
Message-ID: <hg.58afcd72446f.1692021688.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/58afcd72446f
branches:  
changeset: 9147:58afcd72446f
user:      Roman Arutyunyan <arut at nginx.com>
date:      Mon Aug 14 09:21:27 2023 +0400
description:
QUIC: path MTU discovery.

MTU selection starts by doubling the initial MTU until the first failure.
Then binary search is used to find the path MTU.

diffstat:

 src/core/ngx_connection.c                  |    5 +
 src/core/ngx_connection.h                  |    3 +-
 src/event/quic/ngx_event_quic.c            |    9 +-
 src/event/quic/ngx_event_quic_ack.c        |    6 +
 src/event/quic/ngx_event_quic_connection.h |   16 +-
 src/event/quic/ngx_event_quic_migration.c  |  391 +++++++++++++++++++++++-----
 src/event/quic/ngx_event_quic_migration.h  |   12 +-
 src/event/quic/ngx_event_quic_output.c     |   30 +--
 src/event/quic/ngx_event_quic_output.h     |    2 -
 src/event/quic/ngx_event_quic_ssl.c        |    2 +
 src/os/unix/ngx_errno.h                    |    1 +
 src/os/win32/ngx_errno.h                   |    1 +
 12 files changed, 362 insertions(+), 116 deletions(-)

diffs (783 lines):

diff -r f3412ec3b6d1 -r 58afcd72446f src/core/ngx_connection.c
--- a/src/core/ngx_connection.c	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/core/ngx_connection.c	Mon Aug 14 09:21:27 2023 +0400
@@ -1583,6 +1583,10 @@ ngx_connection_error(ngx_connection_t *c
     }
 #endif
 
+    if (err == NGX_EMSGSIZE && c->log_error == NGX_ERROR_IGNORE_EMSGSIZE) {
+        return 0;
+    }
+
     if (err == 0
         || err == NGX_ECONNRESET
 #if (NGX_WIN32)
@@ -1600,6 +1604,7 @@ ngx_connection_error(ngx_connection_t *c
     {
         switch (c->log_error) {
 
+        case NGX_ERROR_IGNORE_EMSGSIZE:
         case NGX_ERROR_IGNORE_EINVAL:
         case NGX_ERROR_IGNORE_ECONNRESET:
         case NGX_ERROR_INFO:
diff -r f3412ec3b6d1 -r 58afcd72446f src/core/ngx_connection.h
--- a/src/core/ngx_connection.h	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/core/ngx_connection.h	Mon Aug 14 09:21:27 2023 +0400
@@ -97,7 +97,8 @@ typedef enum {
     NGX_ERROR_ERR,
     NGX_ERROR_INFO,
     NGX_ERROR_IGNORE_ECONNRESET,
-    NGX_ERROR_IGNORE_EINVAL
+    NGX_ERROR_IGNORE_EINVAL,
+    NGX_ERROR_IGNORE_EMSGSIZE
 } ngx_connection_log_error_e;
 
 
diff -r f3412ec3b6d1 -r 58afcd72446f src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic.c	Mon Aug 14 09:21:27 2023 +0400
@@ -149,11 +149,6 @@ ngx_quic_apply_transport_params(ngx_conn
         ngx_log_error(NGX_LOG_INFO, c->log, 0,
                       "quic maximum packet size is invalid");
         return NGX_ERROR;
-
-    } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) {
-        ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
-        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
-                       "quic client maximum packet size truncated");
     }
 
     if (ctp->active_connection_id_limit < 2) {
@@ -286,7 +281,7 @@ ngx_quic_new_connection(ngx_connection_t
 
     qc->path_validation.log = c->log;
     qc->path_validation.data = c;
-    qc->path_validation.handler = ngx_quic_path_validation_handler;
+    qc->path_validation.handler = ngx_quic_path_handler;
 
     qc->conf = conf;
 
@@ -297,7 +292,7 @@ ngx_quic_new_connection(ngx_connection_t
     ctp = &qc->ctp;
 
     /* defaults to be used before actual client parameters are received */
-    ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c);
+    ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE;
     ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT;
     ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY;
     ctp->active_connection_id_limit = 2;
diff -r f3412ec3b6d1 -r 58afcd72446f src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.c	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic_ack.c	Mon Aug 14 09:21:27 2023 +0400
@@ -229,6 +229,12 @@ ngx_quic_handle_ack_frame_range(ngx_conn
 
     qc = ngx_quic_get_connection(c);
 
+    if (ctx->level == ssl_encryption_application) {
+        if (ngx_quic_handle_path_mtu(c, qc->path, min, max) != NGX_OK) {
+            return NGX_ERROR;
+        }
+    }
+
     st->max_pn = NGX_TIMER_INFINITE;
     found = 0;
 
diff -r f3412ec3b6d1 -r 58afcd72446f src/event/quic/ngx_event_quic_connection.h
--- a/src/event/quic/ngx_event_quic_connection.h	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic_connection.h	Mon Aug 14 09:21:27 2023 +0400
@@ -66,6 +66,14 @@ typedef struct ngx_quic_keys_s        ng
 #define ngx_quic_get_socket(c)               ((ngx_quic_socket_t *)((c)->udp))
 
 
+typedef enum {
+    NGX_QUIC_PATH_IDLE = 0,
+    NGX_QUIC_PATH_VALIDATING,
+    NGX_QUIC_PATH_WAITING,
+    NGX_QUIC_PATH_MTUD
+} ngx_quic_path_state_e;
+
+
 struct ngx_quic_client_id_s {
     ngx_queue_t                       queue;
     uint64_t                          seqnum;
@@ -89,18 +97,22 @@ struct ngx_quic_path_s {
     ngx_sockaddr_t                    sa;
     socklen_t                         socklen;
     ngx_quic_client_id_t             *cid;
+    ngx_quic_path_state_e             state;
     ngx_msec_t                        expires;
     ngx_uint_t                        tries;
     ngx_uint_t                        tag;
+    size_t                            mtu;
+    size_t                            mtud;
+    size_t                            max_mtu;
     off_t                             sent;
     off_t                             received;
     u_char                            challenge1[8];
     u_char                            challenge2[8];
     uint64_t                          seqnum;
+    uint64_t                          mtu_pnum[NGX_QUIC_PATH_RETRIES];
     ngx_str_t                         addr_text;
     u_char                            text[NGX_SOCKADDR_STRLEN];
-    unsigned                          validated:1;
-    unsigned                          validating:1;
+    ngx_uint_t                        validated; /* unsigned validated:1; */
 };
 
 
diff -r f3412ec3b6d1 -r 58afcd72446f src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic_migration.c	Mon Aug 14 09:21:27 2023 +0400
@@ -10,6 +10,10 @@
 #include <ngx_event_quic_connection.h>
 
 
+#define NGX_QUIC_PATH_MTU_DELAY       100
+#define NGX_QUIC_PATH_MTU_PRECISION   16
+
+
 static void ngx_quic_set_connection_path(ngx_connection_t *c,
     ngx_quic_path_t *path);
 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
@@ -17,7 +21,15 @@ static ngx_int_t ngx_quic_validate_path(
 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
     ngx_quic_path_t *path);
 static void ngx_quic_set_path_timer(ngx_connection_t *c);
+static ngx_int_t ngx_quic_expire_path_validation(ngx_connection_t *c,
+    ngx_quic_path_t *path);
+static ngx_int_t ngx_quic_expire_path_mtu_delay(ngx_connection_t *c,
+    ngx_quic_path_t *path);
+static ngx_int_t ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c,
+    ngx_quic_path_t *path);
 static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag);
+static ngx_int_t ngx_quic_send_path_mtu_probe(ngx_connection_t *c,
+    ngx_quic_path_t *path);
 
 
 ngx_int_t
@@ -97,7 +109,7 @@ ngx_quic_handle_path_response_frame(ngx_
     {
         path = ngx_queue_data(q, ngx_quic_path_t, queue);
 
-        if (!path->validating) {
+        if (path->state != NGX_QUIC_PATH_VALIDATING) {
             continue;
         }
 
@@ -136,6 +148,9 @@ valid:
         {
             /* address did not change */
             rst = 0;
+
+            path->mtu = prev->mtu;
+            path->max_mtu = prev->max_mtu;
         }
     }
 
@@ -167,9 +182,8 @@ valid:
     ngx_quic_path_dbg(c, "is validated", path);
 
     path->validated = 1;
-    path->validating = 0;
 
-    ngx_quic_set_path_timer(c);
+    ngx_quic_discover_path_mtu(c, path);
 
     return NGX_OK;
 }
@@ -217,6 +231,8 @@ ngx_quic_new_path(ngx_connection_t *c,
     path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
                                         NGX_SOCKADDR_STRLEN, 1);
 
+    path->mtu = NGX_QUIC_MIN_INITIAL_SIZE;
+
     ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
                    "quic path seq:%uL created addr:%V",
                    path->seqnum, &path->addr_text);
@@ -464,7 +480,7 @@ ngx_quic_handle_migration(ngx_connection
 
     ngx_quic_set_connection_path(c, next);
 
-    if (!next->validated && !next->validating) {
+    if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) {
         if (ngx_quic_validate_path(c, next) != NGX_OK) {
             return NGX_ERROR;
         }
@@ -492,7 +508,6 @@ ngx_quic_validate_path(ngx_connection_t 
     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
                    "quic initiated validation of path seq:%uL", path->seqnum);
 
-    path->validating = 1;
     path->tries = 0;
 
     if (RAND_bytes(path->challenge1, 8) != 1) {
@@ -511,6 +526,7 @@ ngx_quic_validate_path(ngx_connection_t 
     pto = ngx_max(ngx_quic_pto(c, ctx), 1000);
 
     path->expires = ngx_current_msec + pto;
+    path->state = NGX_QUIC_PATH_VALIDATING;
 
     ngx_quic_set_path_timer(c);
 
@@ -558,6 +574,42 @@ ngx_quic_send_path_challenge(ngx_connect
 }
 
 
+void
+ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_quic_connection_t  *qc;
+
+    qc = ngx_quic_get_connection(c);
+
+    if (path->max_mtu) {
+        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
+            path->state = NGX_QUIC_PATH_IDLE;
+            ngx_quic_set_path_timer(c);
+            return;
+        }
+
+        path->mtud = (path->mtu + path->max_mtu) / 2;
+
+    } else {
+        path->mtud = path->mtu * 2;
+
+        if (path->mtud >= qc->ctp.max_udp_payload_size) {
+            path->mtud = qc->ctp.max_udp_payload_size;
+            path->max_mtu = qc->ctp.max_udp_payload_size;
+        }
+    }
+
+    path->state = NGX_QUIC_PATH_WAITING;
+    path->expires = ngx_current_msec + NGX_QUIC_PATH_MTU_DELAY;
+
+    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                   "quic path seq:%uL schedule mtu:%uz",
+                   path->seqnum, path->mtud);
+
+    ngx_quic_set_path_timer(c);
+}
+
+
 static void
 ngx_quic_set_path_timer(ngx_connection_t *c)
 {
@@ -578,7 +630,7 @@ ngx_quic_set_path_timer(ngx_connection_t
     {
         path = ngx_queue_data(q, ngx_quic_path_t, queue);
 
-        if (!path->validating) {
+        if (path->state == NGX_QUIC_PATH_IDLE) {
             continue;
         }
 
@@ -600,22 +652,18 @@ ngx_quic_set_path_timer(ngx_connection_t
 
 
 void
-ngx_quic_path_validation_handler(ngx_event_t *ev)
+ngx_quic_path_handler(ngx_event_t *ev)
 {
     ngx_msec_t              now;
     ngx_queue_t            *q;
-    ngx_msec_int_t          left, next, pto;
-    ngx_quic_path_t        *path, *bkp;
+    ngx_msec_int_t          left;
+    ngx_quic_path_t        *path;
     ngx_connection_t       *c;
-    ngx_quic_send_ctx_t    *ctx;
     ngx_quic_connection_t  *qc;
 
     c = ev->data;
     qc = ngx_quic_get_connection(c);
 
-    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
-
-    next = -1;
     now = ngx_current_msec;
 
     q = ngx_queue_head(&qc->paths);
@@ -625,83 +673,280 @@ ngx_quic_path_validation_handler(ngx_eve
         path = ngx_queue_data(q, ngx_quic_path_t, queue);
         q = ngx_queue_next(q);
 
-        if (!path->validating) {
+        if (path->state == NGX_QUIC_PATH_IDLE) {
             continue;
         }
 
         left = path->expires - now;
 
         if (left > 0) {
-
-            if (next == -1 || left < next) {
-                next = left;
-            }
-
-            continue;
-        }
-
-        if (++path->tries < NGX_QUIC_PATH_RETRIES) {
-            pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
-
-            path->expires = ngx_current_msec + pto;
-
-            if (next == -1 || pto < next) {
-                next = pto;
-            }
-
-            /* retransmit */
-            (void) ngx_quic_send_path_challenge(c, path);
-
             continue;
         }
 
-        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
-                       "quic path seq:%uL validation failed", path->seqnum);
-
-        /* found expired path */
-
-        path->validated = 0;
-        path->validating = 0;
-
-
-        /* RFC 9000, 9.3.2.  On-Path Address Spoofing
-         *
-         * To protect the connection from failing due to such a spurious
-         * migration, an endpoint MUST revert to using the last validated
-         * peer address when validation of a new peer address fails.
-         */
-
-        if (qc->path == path) {
-            /* active path validation failed */
-
-            bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
-
-            if (bkp == NULL) {
-                qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
-                qc->error_reason = "no viable path";
-                ngx_quic_close_connection(c, NGX_ERROR);
-                return;
+        switch (path->state) {
+        case NGX_QUIC_PATH_VALIDATING:
+            if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
+                goto failed;
             }
 
-            qc->path = bkp;
-            qc->path->tag = NGX_QUIC_PATH_ACTIVE;
+            break;
 
-            ngx_quic_set_connection_path(c, qc->path);
+        case NGX_QUIC_PATH_WAITING:
+            if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
+                goto failed;
+            }
+
+            break;
 
-            ngx_log_error(NGX_LOG_INFO, c->log, 0,
-                          "quic path seq:%uL addr:%V is restored from backup",
-                          qc->path->seqnum, &qc->path->addr_text);
+        case NGX_QUIC_PATH_MTUD:
+            if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
+                goto failed;
+            }
 
-            ngx_quic_path_dbg(c, "is active", qc->path);
-        }
+            break;
 
-        if (ngx_quic_free_path(c, path) != NGX_OK) {
-            ngx_quic_close_connection(c, NGX_ERROR);
-            return;
+        default:
+            break;
         }
     }
 
-    if (next != -1) {
-        ngx_add_timer(&qc->path_validation, next);
+    ngx_quic_set_path_timer(c);
+
+    return;
+
+failed:
+
+    ngx_quic_close_connection(c, NGX_ERROR);
+}
+
+
+static ngx_int_t
+ngx_quic_expire_path_validation(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_msec_int_t          pto;
+    ngx_quic_path_t        *bkp;
+    ngx_quic_send_ctx_t    *ctx;
+    ngx_quic_connection_t  *qc;
+
+    qc = ngx_quic_get_connection(c);
+    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
+
+    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
+        pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
+        path->expires = ngx_current_msec + pto;
+
+        (void) ngx_quic_send_path_challenge(c, path);
+
+        return NGX_OK;
+    }
+
+    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                   "quic path seq:%uL validation failed", path->seqnum);
+
+    /* found expired path */
+
+    path->validated = 0;
+
+
+    /* RFC 9000, 9.3.2.  On-Path Address Spoofing
+     *
+     * To protect the connection from failing due to such a spurious
+     * migration, an endpoint MUST revert to using the last validated
+     * peer address when validation of a new peer address fails.
+     */
+
+    if (qc->path == path) {
+        /* active path validation failed */
+
+        bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
+
+        if (bkp == NULL) {
+            qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
+            qc->error_reason = "no viable path";
+            return NGX_ERROR;
+        }
+
+        qc->path = bkp;
+        qc->path->tag = NGX_QUIC_PATH_ACTIVE;
+
+        ngx_quic_set_connection_path(c, qc->path);
+
+        ngx_log_error(NGX_LOG_INFO, c->log, 0,
+                      "quic path seq:%uL addr:%V is restored from backup",
+                      qc->path->seqnum, &qc->path->addr_text);
+
+        ngx_quic_path_dbg(c, "is active", qc->path);
+    }
+
+    return ngx_quic_free_path(c, path);
+}
+
+
+static ngx_int_t
+ngx_quic_expire_path_mtu_delay(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_int_t               rc;
+    ngx_uint_t              i;
+    ngx_msec_t              pto;
+    ngx_quic_send_ctx_t    *ctx;
+    ngx_quic_connection_t  *qc;
+
+    qc = ngx_quic_get_connection(c);
+    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
+
+    path->tries = 0;
+
+    for ( ;; ) {
+
+        for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
+            path->mtu_pnum[i] = NGX_QUIC_UNSET_PN;
+        }
+
+        rc = ngx_quic_send_path_mtu_probe(c, path);
+
+        if (rc == NGX_ERROR) {
+            return NGX_ERROR;
+        }
+
+        if (rc == NGX_OK) {
+            pto = ngx_quic_pto(c, ctx);
+            path->expires = ngx_current_msec + pto;
+            path->state = NGX_QUIC_PATH_MTUD;
+            return NGX_OK;
+        }
+
+        /* rc == NGX_DECLINED */
+
+        path->max_mtu = path->mtud;
+
+        if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
+            path->state = NGX_QUIC_PATH_IDLE;
+            return NGX_OK;
+        }
+
+        path->mtud = (path->mtu + path->max_mtu) / 2;
     }
 }
+
+
+static ngx_int_t
+ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_int_t               rc;
+    ngx_msec_int_t          pto;
+    ngx_quic_send_ctx_t    *ctx;
+    ngx_quic_connection_t  *qc;
+
+    qc = ngx_quic_get_connection(c);
+    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
+
+    if (++path->tries < NGX_QUIC_PATH_RETRIES) {
+        rc = ngx_quic_send_path_mtu_probe(c, path);
+
+        if (rc == NGX_ERROR) {
+            return NGX_ERROR;
+        }
+
+        if (rc == NGX_OK) {
+            pto = ngx_quic_pto(c, ctx) << path->tries;
+            path->expires = ngx_current_msec + pto;
+            return NGX_OK;
+        }
+
+        /* rc == NGX_DECLINED */
+    }
+
+    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                   "quic path seq:%uL expired mtu:%uz",
+                   path->seqnum, path->mtud);
+
+    path->max_mtu = path->mtud;
+
+    ngx_quic_discover_path_mtu(c, path);
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_quic_send_path_mtu_probe(ngx_connection_t *c, ngx_quic_path_t *path)
+{
+    ngx_int_t               rc;
+    ngx_uint_t              log_error;
+    ngx_quic_frame_t        frame;
+    ngx_quic_send_ctx_t    *ctx;
+    ngx_quic_connection_t  *qc;
+
+    ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
+
+    frame.level = ssl_encryption_application;
+    frame.type = NGX_QUIC_FT_PING;
+
+    qc = ngx_quic_get_connection(c);
+    ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
+    path->mtu_pnum[path->tries] = ctx->pnum;
+
+    ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                   "quic path seq:%uL send probe "
+                   "mtu:%uz pnum:%uL tries:%ui",
+                   path->seqnum, path->mtud, ctx->pnum, path->tries);
+
+    log_error = c->log_error;
+    c->log_error = NGX_ERROR_IGNORE_EMSGSIZE;
+
+    rc = ngx_quic_frame_sendto(c, &frame, path->mtud, path);
+    c->log_error = log_error;
+
+    if (rc == NGX_ERROR) {
+        if (c->write->error) {
+            c->write->error = 0;
+
+            ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                           "quic path seq:%uL rejected mtu:%uz",
+                           path->seqnum, path->mtud);
+
+            return NGX_DECLINED;
+        }
+
+        return NGX_ERROR;
+    }
+
+    return NGX_OK;
+}
+
+
+ngx_int_t
+ngx_quic_handle_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path,
+    uint64_t min, uint64_t max)
+{
+    uint64_t    pnum;
+    ngx_uint_t  i;
+
+    if (path->state != NGX_QUIC_PATH_MTUD) {
+        return NGX_OK;
+    }
+
+    for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
+        pnum = path->mtu_pnum[i];
+
+        if (pnum == NGX_QUIC_UNSET_PN) {
+            break;
+        }
+
+        if (pnum < min || pnum > max) {
+            continue;
+        }
+
+        path->mtu = path->mtud;
+
+        ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                       "quic path seq:%uL ack mtu:%uz",
+                       path->seqnum, path->mtu);
+
+        ngx_quic_discover_path_mtu(c, path);
+
+        break;
+    }
+
+    return NGX_OK;
+}
diff -r f3412ec3b6d1 -r 58afcd72446f src/event/quic/ngx_event_quic_migration.h
--- a/src/event/quic/ngx_event_quic_migration.h	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic_migration.h	Mon Aug 14 09:21:27 2023 +0400
@@ -18,10 +18,10 @@
 #define NGX_QUIC_PATH_BACKUP    2
 
 #define ngx_quic_path_dbg(c, msg, path)                                       \
-    ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
-                   "quic path seq:%uL %s sent:%O recvd:%O state:%s%s",        \
+    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,                            \
+                   "quic path seq:%uL %s tx:%O rx:%O valid:%ui st:%d mtu:%uz",\
                    path->seqnum, msg, path->sent, path->received,             \
-                   path->validated ? "V": "N", path->validating ? "R": "");
+                   path->validated, path->state, path->mtu);
 
 ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
     ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f);
@@ -36,6 +36,10 @@ ngx_int_t ngx_quic_set_path(ngx_connecti
 ngx_int_t ngx_quic_handle_migration(ngx_connection_t *c,
     ngx_quic_header_t *pkt);
 
-void ngx_quic_path_validation_handler(ngx_event_t *ev);
+void ngx_quic_path_handler(ngx_event_t *ev);
+
+void ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path);
+ngx_int_t ngx_quic_handle_path_mtu(ngx_connection_t *c,
+    ngx_quic_path_t *path, uint64_t min, uint64_t max);
 
 #endif /* _NGX_EVENT_QUIC_MIGRATION_H_INCLUDED_ */
diff -r f3412ec3b6d1 -r 58afcd72446f src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic_output.c	Mon Aug 14 09:21:27 2023 +0400
@@ -10,9 +10,6 @@
 #include <ngx_event_quic_connection.h>
 
 
-#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT   1252
-#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT6  1232
-
 #define NGX_QUIC_MAX_UDP_SEGMENT_BUF  65487 /* 65K - IPv6 header */
 #define NGX_QUIC_MAX_SEGMENTS            64 /* UDP_MAX_SEGMENTS */
 
@@ -61,21 +58,6 @@ static size_t ngx_quic_path_limit(ngx_co
     size_t size);
 
 
-size_t
-ngx_quic_max_udp_payload(ngx_connection_t *c)
-{
-    /* TODO: path MTU discovery */
-
-#if (NGX_HAVE_INET6)
-    if (c->sockaddr->sa_family == AF_INET6) {
-        return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6;
-    }
-#endif
-
-    return NGX_QUIC_MAX_UDP_PAYLOAD_OUT;
-}
-
-
 ngx_int_t
 ngx_quic_output(ngx_connection_t *c)
 {
@@ -142,10 +124,7 @@ ngx_quic_create_datagrams(ngx_connection
 
         p = dst;
 
-        len = ngx_min(qc->ctp.max_udp_payload_size,
-                      NGX_QUIC_MAX_UDP_PAYLOAD_SIZE);
-
-        len = ngx_quic_path_limit(c, path, len);
+        len = ngx_quic_path_limit(c, path, path->mtu);
 
         pad = ngx_quic_get_padding_level(c);
 
@@ -299,9 +278,7 @@ ngx_quic_allow_segmentation(ngx_connecti
     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
 
     bytes = 0;
-
-    len = ngx_min(qc->ctp.max_udp_payload_size,
-                  NGX_QUIC_MAX_UDP_SEGMENT_BUF);
+    len = ngx_min(qc->path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
 
     for (q = ngx_queue_head(&ctx->frames);
          q != ngx_queue_sentinel(&ctx->frames);
@@ -345,8 +322,7 @@ ngx_quic_create_segments(ngx_connection_
         return NGX_ERROR;
     }
 
-    segsize = ngx_min(qc->ctp.max_udp_payload_size,
-                      NGX_QUIC_MAX_UDP_SEGMENT_BUF);
+    segsize = ngx_min(path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
     p = dst;
     end = dst + sizeof(dst);
 
diff -r f3412ec3b6d1 -r 58afcd72446f src/event/quic/ngx_event_quic_output.h
--- a/src/event/quic/ngx_event_quic_output.h	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic_output.h	Mon Aug 14 09:21:27 2023 +0400
@@ -12,8 +12,6 @@
 #include <ngx_core.h>
 
 
-size_t ngx_quic_max_udp_payload(ngx_connection_t *c);
-
 ngx_int_t ngx_quic_output(ngx_connection_t *c);
 
 ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c,
diff -r f3412ec3b6d1 -r 58afcd72446f src/event/quic/ngx_event_quic_ssl.c
--- a/src/event/quic/ngx_event_quic_ssl.c	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/event/quic/ngx_event_quic_ssl.c	Mon Aug 14 09:21:27 2023 +0400
@@ -494,6 +494,8 @@ ngx_quic_crypto_input(ngx_connection_t *
      */
     ngx_quic_discard_ctx(c, ssl_encryption_handshake);
 
+    ngx_quic_discover_path_mtu(c, qc->path);
+
     /* start accepting clients on negotiated number of server ids */
     if (ngx_quic_create_sockets(c) != NGX_OK) {
         return NGX_ERROR;
diff -r f3412ec3b6d1 -r 58afcd72446f src/os/unix/ngx_errno.h
--- a/src/os/unix/ngx_errno.h	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/os/unix/ngx_errno.h	Mon Aug 14 09:21:27 2023 +0400
@@ -54,6 +54,7 @@ typedef int               ngx_err_t;
 #define NGX_ENOMOREFILES  0
 #define NGX_ELOOP         ELOOP
 #define NGX_EBADF         EBADF
+#define NGX_EMSGSIZE      EMSGSIZE
 
 #if (NGX_HAVE_OPENAT)
 #define NGX_EMLINK        EMLINK
diff -r f3412ec3b6d1 -r 58afcd72446f src/os/win32/ngx_errno.h
--- a/src/os/win32/ngx_errno.h	Tue Aug 08 10:43:17 2023 +0400
+++ b/src/os/win32/ngx_errno.h	Mon Aug 14 09:21:27 2023 +0400
@@ -57,6 +57,7 @@ typedef DWORD                      ngx_e
 #define NGX_EILSEQ                 ERROR_NO_UNICODE_TRANSLATION
 #define NGX_ELOOP                  0
 #define NGX_EBADF                  WSAEBADF
+#define NGX_EMSGSIZE               WSAEMSGSIZE
 
 #define NGX_EALREADY               WSAEALREADY
 #define NGX_EINVAL                 WSAEINVAL

From mdounin at mdounin.ru  Tue Aug 15 15:32:54 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 15 Aug 2023 18:32:54 +0300
Subject: nginx 1.25.2 changes draft
Message-ID: <ZNuapmHNofs3cyPo@mdounin.ru>

Hello!


Changes with nginx 1.25.2                                        15 Aug 2023

    *) Feature: path MTU discovery when using HTTP/3.

    *) Change: now nginx uses appname "nginx" when loading OpenSSL
       configuration.

    *) Change: now nginx does not try to load OpenSSL configuration if the
       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
       environment variable is not set.

    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.


Изменения в nginx 1.25.2                                          15.08.2023

    *) Добавление: path MTU discovery при использовании HTTP/3.

    *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
       appname "nginx".

    *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
       если для сборки OpenSSL использовалась опция --with-openssl и
       переменная окружения OPENSSL_CONF не установлена.

    *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.


-- 
Maxim Dounin
http://mdounin.ru/

From arut at nginx.com  Tue Aug 15 15:47:02 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Tue, 15 Aug 2023 19:47:02 +0400
Subject: nginx 1.25.2 changes draft
In-Reply-To: <ZNuapmHNofs3cyPo@mdounin.ru>
References: <ZNuapmHNofs3cyPo@mdounin.ru>
Message-ID: <20230815154702.bwrggepl56d4k3ia@N00W24XTQX>

Hi,

On Tue, Aug 15, 2023 at 06:32:54PM +0300, Maxim Dounin wrote:
> Hello!
> 
> 
> Changes with nginx 1.25.2                                        15 Aug 2023
> 
>     *) Feature: path MTU discovery when using HTTP/3.
> 
>     *) Change: now nginx uses appname "nginx" when loading OpenSSL
>        configuration.
> 
>     *) Change: now nginx does not try to load OpenSSL configuration if the
>        --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
>        environment variable is not set.
> 
>     *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
> 
> 
> Изменения в nginx 1.25.2                                          15.08.2023
> 
>     *) Добавление: path MTU discovery при использовании HTTP/3.
> 
>     *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
>        appname "nginx".
> 
>     *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
>        если для сборки OpenSSL использовалась опция --with-openssl и
>        переменная окружения OPENSSL_CONF не установлена.
> 
>     *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.

Looks good to me.

--
Roman Arutyunyan

From pluknet at nginx.com  Tue Aug 15 15:48:05 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Tue, 15 Aug 2023 19:48:05 +0400
Subject: nginx 1.25.2 changes draft
In-Reply-To: <ZNuapmHNofs3cyPo@mdounin.ru>
References: <ZNuapmHNofs3cyPo@mdounin.ru>
Message-ID: <9A2FC9A4-36B1-45EC-81A8-F6CCD0392183@nginx.com>


> On 15 Aug 2023, at 19:32, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> Hello!
> 
> 
> Changes with nginx 1.25.2                                        15 Aug 2023
> 
>    *) Feature: path MTU discovery when using HTTP/3.
> 
>    *) Change: now nginx uses appname "nginx" when loading OpenSSL
>       configuration.
> 
>    *) Change: now nginx does not try to load OpenSSL configuration if the
>       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
>       environment variable is not set.
> 
>    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
> 

There were bugfixes in QUIC, which may deserve a separate line.

Also I'd add TLS_AES_128_CCM_SHA256 cipher suite support in QUIC,
and a switch to using AEAD-encrypted QUIC address validation tokens,
which essentially provides now authenticated encryption.

> 
> Изменения в nginx 1.25.2                                          15.08.2023
> 
>    *) Добавление: path MTU discovery при использовании HTTP/3.
> 
>    *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
>       appname "nginx".
> 
>    *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
>       если для сборки OpenSSL использовалась опция --with-openssl и
>       переменная окружения OPENSSL_CONF не установлена.
> 
>    *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.
> 
> 
> -- 
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

-- 
Sergey Kandaurov

From pluknet at nginx.com  Tue Aug 15 15:59:15 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Tue, 15 Aug 2023 19:59:15 +0400
Subject: nginx 1.25.2 changes draft
In-Reply-To: <ZNuapmHNofs3cyPo@mdounin.ru>
References: <ZNuapmHNofs3cyPo@mdounin.ru>
Message-ID: <97770BCF-3251-47EC-A91F-B6E7800CD59A@nginx.com>


> On 15 Aug 2023, at 19:32, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> Hello!
> 
> 
> Changes with nginx 1.25.2                                        15 Aug 2023
> 
>    *) Feature: path MTU discovery when using HTTP/3.
> 
>    *) Change: now nginx uses appname "nginx" when loading OpenSSL
>       configuration.
> 
>    *) Change: now nginx does not try to load OpenSSL configuration if the
>       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
>       environment variable is not set.
> 
>    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
> 
> 
> Изменения в nginx 1.25.2                                          15.08.2023
> 
>    *) Добавление: path MTU discovery при использовании HTTP/3.
> 
>    *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
>       appname "nginx".
> 
>    *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
>       если для сборки OpenSSL использовалась опция --with-openssl и

Для configure "option" прецедентно переводится в changes
как "параметр", см. например 1.11.5 changes:

<para lang="ru">
nginx не собирался с модулем ngx_http_perl_module,
если использовался параметр --with-openssl;
ошибка появилась в 1.3.16.
</para>
<para lang="en">
nginx could not be built with the ngx_http_perl_module
if the --with-openssl option was used;
the bug had appeared in 1.3.16.
</para>

(А вот socket option как "опция сокета.)

>       переменная окружения OPENSSL_CONF не установлена.
> 
>    *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.
> 
> 
> -- 
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

-- 
Sergey Kandaurov

From mdounin at mdounin.ru  Tue Aug 15 16:08:12 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 15 Aug 2023 19:08:12 +0300
Subject: nginx 1.25.2 changes draft
In-Reply-To: <97770BCF-3251-47EC-A91F-B6E7800CD59A@nginx.com>
References: <ZNuapmHNofs3cyPo@mdounin.ru>
 <97770BCF-3251-47EC-A91F-B6E7800CD59A@nginx.com>
Message-ID: <ZNui7H5ZZGpGVXpC@mdounin.ru>

Hello!

On Tue, Aug 15, 2023 at 07:59:15PM +0400, Sergey Kandaurov wrote:

> > On 15 Aug 2023, at 19:32, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > 
> > Hello!
> > 
> > 
> > Changes with nginx 1.25.2                                        15 Aug 2023
> > 
> >    *) Feature: path MTU discovery when using HTTP/3.
> > 
> >    *) Change: now nginx uses appname "nginx" when loading OpenSSL
> >       configuration.
> > 
> >    *) Change: now nginx does not try to load OpenSSL configuration if the
> >       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
> >       environment variable is not set.
> > 
> >    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
> > 
> > 
> > Изменения в nginx 1.25.2                                          15.08.2023
> > 
> >    *) Добавление: path MTU discovery при использовании HTTP/3.
> > 
> >    *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
> >       appname "nginx".
> > 
> >    *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
> >       если для сборки OpenSSL использовалась опция --with-openssl и
> 
> Для configure "option" прецедентно переводится в changes
> как "параметр", см. например 1.11.5 changes:
> 
> <para lang="ru">
> nginx не собирался с модулем ngx_http_perl_module,
> если использовался параметр --with-openssl;
> ошибка появилась в 1.3.16.
> </para>
> <para lang="en">
> nginx could not be built with the ngx_http_perl_module
> if the --with-openssl option was used;
> the bug had appeared in 1.3.16.
> </para>
> 
> (А вот socket option как "опция сокета.)

Fixed, thnx.

> 
> >       переменная окружения OPENSSL_CONF не установлена.
> > 
> >    *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.
> > 
> > 
> > -- 
> > Maxim Dounin
> > http://mdounin.ru/
> > _______________________________________________
> > nginx-devel mailing list
> > nginx-devel at nginx.org
> > https://mailman.nginx.org/mailman/listinfo/nginx-devel
> 
> -- 
> Sergey Kandaurov
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

-- 
Maxim Dounin
http://mdounin.ru/

From mdounin at mdounin.ru  Tue Aug 15 16:44:13 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 15 Aug 2023 19:44:13 +0300
Subject: nginx 1.25.2 changes draft
In-Reply-To: <9A2FC9A4-36B1-45EC-81A8-F6CCD0392183@nginx.com>
References: <ZNuapmHNofs3cyPo@mdounin.ru>
 <9A2FC9A4-36B1-45EC-81A8-F6CCD0392183@nginx.com>
Message-ID: <ZNurXeOPMHgTlZ/L@mdounin.ru>

Hello!

On Tue, Aug 15, 2023 at 07:48:05PM +0400, Sergey Kandaurov wrote:

> 
> > On 15 Aug 2023, at 19:32, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > 
> > Hello!
> > 
> > 
> > Changes with nginx 1.25.2                                        15 Aug 2023
> > 
> >    *) Feature: path MTU discovery when using HTTP/3.
> > 
> >    *) Change: now nginx uses appname "nginx" when loading OpenSSL
> >       configuration.
> > 
> >    *) Change: now nginx does not try to load OpenSSL configuration if the
> >       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
> >       environment variable is not set.
> > 
> >    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
> > 
> 
> There were bugfixes in QUIC, which may deserve a separate line.

Added "Bugfix: in HTTP/3" to cover anything not specifically 
mentioned, thnx.

> Also I'd add TLS_AES_128_CCM_SHA256 cipher suite support in QUIC,
> and a switch to using AEAD-encrypted QUIC address validation tokens,
> which essentially provides now authenticated encryption.

Agreed about TLS_AES_128_CCM_SHA256, added.

Not sure AEAD worth mentioning though, it's more an internal 
change hardly visible to users.

Updated:


Changes with nginx 1.25.2                                        15 Aug 2023

    *) Feature: path MTU discovery when using HTTP/3.

    *) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
       HTTP/3.

    *) Change: now nginx uses appname "nginx" when loading OpenSSL
       configuration.

    *) Change: now nginx does not try to load OpenSSL configuration if the
       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
       environment variable is not set.

    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.

    *) Bugfix: in HTTP/3.


Изменения в nginx 1.25.2                                          15.08.2023

    *) Добавление: path MTU discovery при использовании HTTP/3.

    *) Добавление: поддержка шифра TLS_AES_128_CCM_SHA256 при использовании
       HTTP/3.

    *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
       appname "nginx".

    *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
       если для сборки OpenSSL использовался параметр --with-openssl и
       переменная окружения OPENSSL_CONF не установлена.

    *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.

    *) Исправление: в HTTP/3.


-- 
Maxim Dounin
http://mdounin.ru/

From pluknet at nginx.com  Tue Aug 15 16:49:55 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Tue, 15 Aug 2023 20:49:55 +0400
Subject: nginx 1.25.2 changes draft
In-Reply-To: <ZNurXeOPMHgTlZ/L@mdounin.ru>
References: <ZNuapmHNofs3cyPo@mdounin.ru>
 <9A2FC9A4-36B1-45EC-81A8-F6CCD0392183@nginx.com>
 <ZNurXeOPMHgTlZ/L@mdounin.ru>
Message-ID: <A2D035E6-68CA-4D9D-8CD8-006C0B744E76@nginx.com>


> On 15 Aug 2023, at 20:44, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> Hello!
> 
> On Tue, Aug 15, 2023 at 07:48:05PM +0400, Sergey Kandaurov wrote:
> 
>> 
>>> On 15 Aug 2023, at 19:32, Maxim Dounin <mdounin at mdounin.ru> wrote:
>>> 
>>> Hello!
>>> 
>>> 
>>> Changes with nginx 1.25.2                                        15 Aug 2023
>>> 
>>>   *) Feature: path MTU discovery when using HTTP/3.
>>> 
>>>   *) Change: now nginx uses appname "nginx" when loading OpenSSL
>>>      configuration.
>>> 
>>>   *) Change: now nginx does not try to load OpenSSL configuration if the
>>>      --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
>>>      environment variable is not set.
>>> 
>>>   *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
>>> 
>> 
>> There were bugfixes in QUIC, which may deserve a separate line.
> 
> Added "Bugfix: in HTTP/3" to cover anything not specifically 
> mentioned, thnx.
> 
>> Also I'd add TLS_AES_128_CCM_SHA256 cipher suite support in QUIC,
>> and a switch to using AEAD-encrypted QUIC address validation tokens,
>> which essentially provides now authenticated encryption.
> 
> Agreed about TLS_AES_128_CCM_SHA256, added.
> 
> Not sure AEAD worth mentioning though, it's more an internal 
> change hardly visible to users.

Agreed, thanks.

> 
> Updated:
> 
> 
> Changes with nginx 1.25.2                                        15 Aug 2023
> 
>    *) Feature: path MTU discovery when using HTTP/3.
> 
>    *) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
>       HTTP/3.
> 
>    *) Change: now nginx uses appname "nginx" when loading OpenSSL
>       configuration.
> 
>    *) Change: now nginx does not try to load OpenSSL configuration if the
>       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
>       environment variable is not set.
> 
>    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
> 
>    *) Bugfix: in HTTP/3.
> 
> 
> Изменения в nginx 1.25.2                                          15.08.2023
> 
>    *) Добавление: path MTU discovery при использовании HTTP/3.
> 
>    *) Добавление: поддержка шифра TLS_AES_128_CCM_SHA256 при использовании
>       HTTP/3.
> 
>    *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
>       appname "nginx".
> 
>    *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
>       если для сборки OpenSSL использовался параметр --with-openssl и
>       переменная окружения OPENSSL_CONF не установлена.
> 
>    *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.
> 
>    *) Исправление: в HTTP/3.
> 

Looks good.

-- 
Sergey Kandaurov

From mdounin at mdounin.ru  Tue Aug 15 17:13:39 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 15 Aug 2023 20:13:39 +0300
Subject: nginx 1.25.2 changes draft
In-Reply-To: <A2D035E6-68CA-4D9D-8CD8-006C0B744E76@nginx.com>
References: <ZNuapmHNofs3cyPo@mdounin.ru>
 <9A2FC9A4-36B1-45EC-81A8-F6CCD0392183@nginx.com>
 <ZNurXeOPMHgTlZ/L@mdounin.ru>
 <A2D035E6-68CA-4D9D-8CD8-006C0B744E76@nginx.com>
Message-ID: <ZNuyQ6dlwXBpfi9G@mdounin.ru>

Hello!

On Tue, Aug 15, 2023 at 08:49:55PM +0400, Sergey Kandaurov wrote:

[...]

> > Updated:
> > 
> > 
> > Changes with nginx 1.25.2                                        15 Aug 2023
> > 
> >    *) Feature: path MTU discovery when using HTTP/3.
> > 
> >    *) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
> >       HTTP/3.
> > 
> >    *) Change: now nginx uses appname "nginx" when loading OpenSSL
> >       configuration.
> > 
> >    *) Change: now nginx does not try to load OpenSSL configuration if the
> >       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
> >       environment variable is not set.
> > 
> >    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
> > 
> >    *) Bugfix: in HTTP/3.
> > 
> > 
> > Изменения в nginx 1.25.2                                          15.08.2023
> > 
> >    *) Добавление: path MTU discovery при использовании HTTP/3.
> > 
> >    *) Добавление: поддержка шифра TLS_AES_128_CCM_SHA256 при использовании
> >       HTTP/3.
> > 
> >    *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
> >       appname "nginx".
> > 
> >    *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
> >       если для сборки OpenSSL использовался параметр --with-openssl и
> >       переменная окружения OPENSSL_CONF не установлена.
> > 
> >    *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.
> > 
> >    *) Исправление: в HTTP/3.
> > 
> 
> Looks good.

Thanks for the review.

Pushed to:

http://mdounin.ru/hg/nginx
http://mdounin.ru/hg/nginx.org

Binaries:

http://mdounin.ru/temp/nginx-1.25.2.tar.gz
http://mdounin.ru/temp/nginx-1.25.2.tar.gz.asc
http://mdounin.ru/temp/nginx-1.25.2.zip
http://mdounin.ru/temp/nginx-1.25.2.zip.asc

-- 
Maxim Dounin
http://mdounin.ru/

From thresh at nginx.com  Tue Aug 15 17:31:11 2023
From: thresh at nginx.com (Konstantin Pavlov)
Date: Tue, 15 Aug 2023 17:31:11 +0000
Subject: [nginx] Updated OpenSSL used for win32 builds.
Message-ID: <hg.f101bccb38e1.1692120671.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/f101bccb38e1
branches:  
changeset: 9148:f101bccb38e1
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Tue Aug 15 18:10:50 2023 +0300
description:
Updated OpenSSL used for win32 builds.

diffstat:

 misc/GNUmakefile |  4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diffs (21 lines):

diff -r 58afcd72446f -r f101bccb38e1 misc/GNUmakefile
--- a/misc/GNUmakefile	Mon Aug 14 09:21:27 2023 +0400
+++ b/misc/GNUmakefile	Tue Aug 15 18:10:50 2023 +0300
@@ -6,7 +6,7 @@ TEMP =		tmp
 
 CC =		cl
 OBJS =		objs.msvc8
-OPENSSL =	openssl-1.1.1t
+OPENSSL =	openssl-3.0.10
 ZLIB =		zlib-1.2.13
 PCRE =		pcre2-10.39
 
@@ -105,7 +105,7 @@ zip: export
 	$(MAKE) -f docs/GNUmakefile changes
 	mv $(TEMP)/$(NGINX)/CHANGES* $(TEMP)/$(NGINX)/docs/
 
-	cp -p $(OBJS)/lib/$(OPENSSL)/LICENSE				\
+	cp -p $(OBJS)/lib/$(OPENSSL)/LICENSE.txt			\
 		$(TEMP)/$(NGINX)/docs/OpenSSL.LICENSE
 
 	cp -p $(OBJS)/lib/$(PCRE)/LICENCE				\

From thresh at nginx.com  Tue Aug 15 17:31:14 2023
From: thresh at nginx.com (Konstantin Pavlov)
Date: Tue, 15 Aug 2023 17:31:14 +0000
Subject: [nginx] nginx-1.25.2-RELEASE
Message-ID: <hg.1d839f05409d.1692120674.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/1d839f05409d
branches:  
changeset: 9149:1d839f05409d
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Tue Aug 15 20:03:04 2023 +0300
description:
nginx-1.25.2-RELEASE

diffstat:

 docs/xml/nginx/changes.xml |  65 ++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 65 insertions(+), 0 deletions(-)

diffs (75 lines):

diff -r f101bccb38e1 -r 1d839f05409d docs/xml/nginx/changes.xml
--- a/docs/xml/nginx/changes.xml	Tue Aug 15 18:10:50 2023 +0300
+++ b/docs/xml/nginx/changes.xml	Tue Aug 15 20:03:04 2023 +0300
@@ -5,6 +5,71 @@
 <change_log title="nginx">
 
 
+<changes ver="1.25.2" date="2023-08-15">
+
+<change type="feature">
+<para lang="ru">
+path MTU discovery при использовании HTTP/3.
+</para>
+<para lang="en">
+path MTU discovery when using HTTP/3.
+</para>
+</change>
+
+<change type="feature">
+<para lang="ru">
+поддержка шифра TLS_AES_128_CCM_SHA256 при использовании HTTP/3.
+</para>
+<para lang="en">
+TLS_AES_128_CCM_SHA256 cipher suite support when using HTTP/3.
+</para>
+</change>
+
+<change type="change">
+<para lang="ru">
+теперь при загрузке конфигурации OpenSSL
+nginx использует appname "nginx".
+</para>
+<para lang="en">
+now nginx uses appname "nginx"
+when loading OpenSSL configuration.
+</para>
+</change>
+
+<change type="change">
+<para lang="ru">
+теперь nginx не пытается загружать конфигурацию OpenSSL,
+если для сборки OpenSSL использовался параметр --with-openssl
+и переменная окружения OPENSSL_CONF не установлена.
+</para>
+<para lang="en">
+now nginx does not try to load OpenSSL configuration
+if the --with-openssl option was used to built OpenSSL
+and the OPENSSL_CONF environment variable is not set.
+</para>
+</change>
+
+<change type="bugfix">
+<para lang="ru">
+в переменной $body_bytes_sent при использовании HTTP/3.
+</para>
+<para lang="en">
+in the $body_bytes_sent variable when using HTTP/3.
+</para>
+</change>
+
+<change type="bugfix">
+<para lang="ru">
+в HTTP/3.
+</para>
+<para lang="en">
+in HTTP/3.
+</para>
+</change>
+
+</changes>
+
+
 <changes ver="1.25.1" date="2023-06-13">
 
 <change type="feature">

From thresh at nginx.com  Tue Aug 15 17:31:17 2023
From: thresh at nginx.com (Konstantin Pavlov)
Date: Tue, 15 Aug 2023 17:31:17 +0000
Subject: [nginx] release-1.25.2 tag
Message-ID: <hg.44536076405c.1692120677.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/44536076405c
branches:  
changeset: 9150:44536076405c
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Tue Aug 15 20:03:04 2023 +0300
description:
release-1.25.2 tag

diffstat:

 .hgtags |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (8 lines):

diff -r 1d839f05409d -r 44536076405c .hgtags
--- a/.hgtags	Tue Aug 15 20:03:04 2023 +0300
+++ b/.hgtags	Tue Aug 15 20:03:04 2023 +0300
@@ -474,3 +474,4 @@ ff3afd1ce6a6b65057741df442adfaa71a0e2588
 ac779115ed6ee4f3039e9aea414a54e560450ee2 release-1.23.4
 12dcf92b0c2c68552398f19644ce3104459807d7 release-1.25.0
 f8134640e8615448205785cf00b0bc810489b495 release-1.25.1
+1d839f05409d1a50d0f15a2bf36547001f99ae40 release-1.25.2

From pluknet at nginx.com  Mon Aug 21 16:17:11 2023
From: pluknet at nginx.com (=?iso-8859-1?q?Sergey_Kandaurov?=)
Date: Mon, 21 Aug 2023 20:17:11 +0400
Subject: [PATCH] QUIC: posted generating TLS Key Update next keys
Message-ID: <4215a1d1426c23a06df6.1692634631@enoparse.local>

# HG changeset patch
# User Sergey Kandaurov <pluknet at nginx.com>
# Date 1692634530 -14400
#      Mon Aug 21 20:15:30 2023 +0400
# Node ID 4215a1d1426c23a06df6229b986d36e838594a91
# Parent  44536076405cf79ebdd82a6a0ab27bb3aed86b04
QUIC: posted generating TLS Key Update next keys.

Since at least f9fbeb4ee0de, which TLS Key Update support predates,
queued data output is deferred to a posted push handler.  To address
timing signals, generating next keys is posted after handling frames,
to run after posted push handler.

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -283,6 +283,10 @@ ngx_quic_new_connection(ngx_connection_t
     qc->path_validation.data = c;
     qc->path_validation.handler = ngx_quic_path_handler;
 
+    qc->key_update.log = c->log;
+    qc->key_update.data = c;
+    qc->key_update.handler = ngx_quic_keys_update;
+
     qc->conf = conf;
 
     if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) {
@@ -1055,7 +1059,9 @@ ngx_quic_handle_payload(ngx_connection_t
         return rc;
     }
 
-    return ngx_quic_keys_update(c, qc->keys);
+    ngx_post_event(&qc->key_update, &ngx_posted_events);
+
+    return NGX_OK;
 }
 
 
diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
--- a/src/event/quic/ngx_event_quic_connection.h
+++ b/src/event/quic/ngx_event_quic_connection.h
@@ -230,6 +230,8 @@ struct ngx_quic_connection_s {
     ngx_event_t                       pto;
     ngx_event_t                       close;
     ngx_event_t                       path_validation;
+    ngx_event_t                       key_update;
+
     ngx_msec_t                        last_cc;
 
     ngx_msec_t                        first_rtt;
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -700,13 +700,20 @@ ngx_quic_keys_switch(ngx_connection_t *c
 }
 
 
-ngx_int_t
-ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys)
+void
+ngx_quic_keys_update(ngx_event_t *ev)
 {
-    ngx_uint_t           i;
-    ngx_quic_hkdf_t      seq[6];
-    ngx_quic_ciphers_t   ciphers;
-    ngx_quic_secrets_t  *current, *next;
+    ngx_uint_t              i;
+    ngx_quic_hkdf_t         seq[6];
+    ngx_quic_keys_t        *keys;
+    ngx_connection_t       *c;
+    ngx_quic_ciphers_t      ciphers;
+    ngx_quic_secrets_t     *current, *next;
+    ngx_quic_connection_t  *qc;
+
+    c = ev->data;
+    qc = ngx_quic_get_connection(c);
+    keys = qc->keys;
 
     current = &keys->secrets[ssl_encryption_application];
     next = &keys->next_key;
@@ -716,7 +723,7 @@ ngx_quic_keys_update(ngx_connection_t *c
     if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application)
         == NGX_ERROR)
     {
-        return NGX_ERROR;
+        goto failed;
     }
 
     next->client.secret.len = current->client.secret.len;
@@ -744,11 +751,15 @@ ngx_quic_keys_update(ngx_connection_t *c
 
     for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
         if (ngx_quic_hkdf_expand(&seq[i], ciphers.d, c->log) != NGX_OK) {
-            return NGX_ERROR;
+            goto failed;
         }
     }
 
-    return NGX_OK;
+    return;
+
+failed:
+
+    ngx_quic_close_connection(c, NGX_ERROR);
 }
 
 
diff --git a/src/event/quic/ngx_event_quic_protection.h b/src/event/quic/ngx_event_quic_protection.h
--- a/src/event/quic/ngx_event_quic_protection.h
+++ b/src/event/quic/ngx_event_quic_protection.h
@@ -99,7 +99,7 @@ ngx_uint_t ngx_quic_keys_available(ngx_q
 void ngx_quic_keys_discard(ngx_quic_keys_t *keys,
     enum ssl_encryption_level_t level);
 void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys);
-ngx_int_t ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys);
+void ngx_quic_keys_update(ngx_event_t *ev);
 ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res);
 ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn);
 void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn);
diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -482,9 +482,7 @@ ngx_quic_crypto_input(ngx_connection_t *
      * Generating next keys before a key update is received.
      */
 
-    if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) {
-        return NGX_ERROR;
-    }
+    ngx_post_event(&qc->key_update, &ngx_posted_events);
 
     /*
      * RFC 9001, 4.9.2.  Discarding Handshake Keys

From xeioex at nginx.com  Tue Aug 22 18:13:36 2023
From: xeioex at nginx.com (Dmitry Volyntsev)
Date: Tue, 22 Aug 2023 18:13:36 +0000
Subject: [njs] Fixed typos introduced in ff7eb3c4bf76.
Message-ID: <hg.71bf45ec8f77.1692728016.5965299922797593991@dev.nginx>

details:   https://hg.nginx.org/njs/rev/71bf45ec8f77
branches:  
changeset: 2182:71bf45ec8f77
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Tue Aug 22 11:12:01 2023 -0700
description:
Fixed typos introduced in ff7eb3c4bf76.

diffstat:

 nginx/ngx_js_shared_dict.h |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (9 lines):

diff -r 3af6c729b7cb -r 71bf45ec8f77 nginx/ngx_js_shared_dict.h
--- a/nginx/ngx_js_shared_dict.h	Tue Jul 11 22:50:44 2023 -0700
+++ b/nginx/ngx_js_shared_dict.h	Tue Aug 22 11:12:01 2023 -0700
@@ -16,4 +16,4 @@ njs_int_t njs_js_ext_global_shared_keys(
 extern njs_module_t  ngx_js_shared_dict_module;
 
 
-#endif /* _NGX_JS_FETCH_H_INCLUDED_ */
+#endif /* _NGX_JS_SHARED_DICT_H_INCLUDED_ */

From xeioex at nginx.com  Tue Aug 22 18:13:38 2023
From: xeioex at nginx.com (Dmitry Volyntsev)
Date: Tue, 22 Aug 2023 18:13:38 +0000
Subject: [njs] HTTP: simplified events handling.
Message-ID: <hg.4cb8e873e8c6.1692728018.5965299922797593991@dev.nginx>

details:   https://hg.nginx.org/njs/rev/4cb8e873e8c6
branches:  
changeset: 2183:4cb8e873e8c6
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Tue Aug 22 11:12:02 2023 -0700
description:
HTTP: simplified events handling.

diffstat:

 nginx/ngx_http_js_module.c |  15 +++------------
 1 files changed, 3 insertions(+), 12 deletions(-)

diffs (51 lines):

diff -r 71bf45ec8f77 -r 4cb8e873e8c6 nginx/ngx_http_js_module.c
--- a/nginx/ngx_http_js_module.c	Tue Aug 22 11:12:01 2023 -0700
+++ b/nginx/ngx_http_js_module.c	Tue Aug 22 11:12:02 2023 -0700
@@ -255,8 +255,6 @@ static size_t ngx_http_js_max_response_b
     ngx_http_request_t *r);
 static void ngx_http_js_handle_vm_event(ngx_http_request_t *r,
     njs_vm_event_t vm_event, njs_value_t *args, njs_uint_t nargs);
-static void ngx_http_js_handle_event(ngx_http_request_t *r,
-    njs_vm_event_t vm_event, njs_value_t *args, njs_uint_t nargs);
 
 static njs_int_t ngx_js_http_init(njs_vm_t *vm);
 static ngx_int_t ngx_http_js_init(ngx_conf_t *cf);
@@ -791,7 +789,7 @@ static uintptr_t ngx_http_js_uptr[] = {
     (uintptr_t) ngx_http_js_pool,
     (uintptr_t) ngx_http_js_resolver,
     (uintptr_t) ngx_http_js_resolver_timeout,
-    (uintptr_t) ngx_http_js_handle_event,
+    (uintptr_t) ngx_http_js_handle_vm_event,
     (uintptr_t) ngx_http_js_ssl,
     (uintptr_t) ngx_http_js_ssl_verify,
     (uintptr_t) ngx_http_js_fetch_timeout,
@@ -4105,7 +4103,7 @@ ngx_http_js_timer_handler(ngx_event_t *e
 
     r = js_event->request;
 
-    ngx_http_js_handle_event(r, js_event->vm_event, NULL, 0);
+    ngx_http_js_handle_vm_event(r, js_event->vm_event, NULL, 0);
 }
 
 
@@ -4196,19 +4194,12 @@ ngx_http_js_handle_vm_event(ngx_http_req
                       "js exception: %V", &exception);
 
         ngx_http_finalize_request(r, NGX_ERROR);
+        return;
     }
 
     if (rc == NJS_OK) {
         ngx_http_post_request(r, NULL);
     }
-}
-
-
-static void
-ngx_http_js_handle_event(ngx_http_request_t *r, njs_vm_event_t vm_event,
-    njs_value_t *args, njs_uint_t nargs)
-{
-    ngx_http_js_handle_vm_event(r, vm_event, args, nargs);
 
     ngx_http_run_posted_requests(r->connection);
 }

From xeioex at nginx.com  Tue Aug 22 18:13:40 2023
From: xeioex at nginx.com (Dmitry Volyntsev)
Date: Tue, 22 Aug 2023 18:13:40 +0000
Subject: [njs] Modules: introduced js_periodic directive.
Message-ID: <hg.f1bd0b1db065.1692728020.5965299922797593991@dev.nginx>

details:   https://hg.nginx.org/njs/rev/f1bd0b1db065
branches:  
changeset: 2184:f1bd0b1db065
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Tue Aug 22 11:13:09 2023 -0700
description:
Modules: introduced js_periodic directive.

The directive specifies a JS handler to run at regular intervals. The JS
handler will be executed in each worker process. The handler receives no
arguments. It has access to ngx and other global objects.

example.conf:
    location @periodics {
        # Specifies a JS handler to be run at 1 minute intervals
        js_periodic main.handler interval=60s jitter=5s;

        resolver 10.0.0.1;
        js_fetch_trusted_certificate /path/to/ISRG_Root_X1.pem;
    }

example.js:
    async function handler() {
        if (ngx.worker_id != 0) {
            /* using ngx.worker_id to run handler only in one worker. */
            return;
        }

        let reply = async ngx.fetch('https://nginx.org/en/docs/njs/');
        let body = async reply.text();

        ngx.log(ngx.INFO, body);
    }

This closes #660 issue on Github.

diffstat:

 nginx/ngx_http_js_module.c   |  399 +++++++++++++++++++++++++++++++++++++++++-
 nginx/ngx_js.h               |    3 +-
 nginx/ngx_stream_js_module.c |  402 +++++++++++++++++++++++++++++++++++++++++-
 nginx/t/js_periodic.t        |  258 +++++++++++++++++++++++++++
 nginx/t/stream_js_periodic.t |  322 ++++++++++++++++++++++++++++++++++
 5 files changed, 1362 insertions(+), 22 deletions(-)

diffs (truncated from 1628 to 1000 lines):

diff -r 4cb8e873e8c6 -r f1bd0b1db065 nginx/ngx_http_js_module.c
--- a/nginx/ngx_http_js_module.c	Tue Aug 22 11:12:02 2023 -0700
+++ b/nginx/ngx_http_js_module.c	Tue Aug 22 11:13:09 2023 -0700
@@ -22,6 +22,27 @@ typedef struct {
 } ngx_http_js_loc_conf_t;
 
 
+typedef struct {
+    ngx_http_conf_ctx_t   *conf_ctx;
+    ngx_connection_t      *connection;
+    void                  *padding;
+
+    /**
+     * fd is used for event debug and should be at the same position
+     * as in ngx_connection_t: after a 3rd pointer.
+     */
+    ngx_socket_t           fd;
+
+    ngx_str_t              method;
+    ngx_msec_t             interval;
+    ngx_msec_t             jitter;
+
+    ngx_log_t              log;
+    ngx_http_log_ctx_t     log_ctx;
+    ngx_event_t            event;
+} ngx_js_periodic_t;
+
+
 #define NJS_HEADER_SEMICOLON   0x1
 #define NJS_HEADER_SINGLE      0x2
 #define NJS_HEADER_ARRAY       0x4
@@ -45,6 +66,8 @@ typedef struct {
     ngx_chain_t          **last_out;
     ngx_chain_t           *free;
     ngx_chain_t           *busy;
+
+    ngx_js_periodic_t     *periodic;
 } ngx_http_js_ctx_t;
 
 
@@ -88,7 +111,8 @@ static ngx_int_t ngx_http_js_variable_se
     ngx_http_variable_value_t *v, uintptr_t data);
 static ngx_int_t ngx_http_js_variable_var(ngx_http_request_t *r,
     ngx_http_variable_value_t *v, uintptr_t data);
-static ngx_int_t ngx_http_js_init_vm(ngx_http_request_t *r);
+static ngx_int_t ngx_http_js_init_vm(ngx_http_request_t *r,
+    unsigned inject_request);
 static void ngx_http_js_cleanup_ctx(void *data);
 
 static njs_int_t ngx_http_js_ext_keys_header(njs_vm_t *vm, njs_value_t *value,
@@ -256,8 +280,18 @@ static size_t ngx_http_js_max_response_b
 static void ngx_http_js_handle_vm_event(ngx_http_request_t *r,
     njs_vm_event_t vm_event, njs_value_t *args, njs_uint_t nargs);
 
+static void ngx_http_js_periodic_handler(ngx_event_t *ev);
+static void ngx_http_js_periodic_write_event_handler(ngx_http_request_t *r);
+static void ngx_http_js_periodic_shutdown_handler(ngx_event_t *ev);
+static void ngx_http_js_periodic_finalize(ngx_http_request_t *r, ngx_int_t rc);
+static void ngx_http_js_periodic_destroy(ngx_http_request_t *r,
+    ngx_js_periodic_t *periodic);
+
 static njs_int_t ngx_js_http_init(njs_vm_t *vm);
 static ngx_int_t ngx_http_js_init(ngx_conf_t *cf);
+static ngx_int_t ngx_http_js_init_worker(ngx_cycle_t *cycle);
+static char *ngx_http_js_periodic(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
 static char *ngx_http_js_set(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
 static char *ngx_http_js_var(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
 static char *ngx_http_js_content(ngx_conf_t *cf, ngx_command_t *cmd,
@@ -297,6 +331,13 @@ static ngx_command_t  ngx_http_js_comman
       0,
       NULL },
 
+    { ngx_string("js_periodic"),
+      NGX_HTTP_LOC_CONF|NGX_CONF_ANY,
+      ngx_http_js_periodic,
+      NGX_HTTP_LOC_CONF_OFFSET,
+      0,
+      NULL },
+
     { ngx_string("js_preload_object"),
       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE13,
       ngx_js_preload_object,
@@ -439,7 +480,7 @@ ngx_module_t  ngx_http_js_module = {
     NGX_HTTP_MODULE,               /* module type */
     NULL,                          /* init master */
     NULL,                          /* init module */
-    NULL,                          /* init process */
+    ngx_http_js_init_worker,       /* init process */
     NULL,                          /* init thread */
     NULL,                          /* exit thread */
     NULL,                          /* exit process */
@@ -863,7 +904,7 @@ ngx_http_js_content_event_handler(ngx_ht
     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "http js content event handler");
 
-    rc = ngx_http_js_init_vm(r);
+    rc = ngx_http_js_init_vm(r, 1);
 
     if (rc == NGX_ERROR || rc == NGX_DECLINED) {
         ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
@@ -999,7 +1040,7 @@ ngx_http_js_header_filter(ngx_http_reque
         return ngx_http_next_header_filter(r);
     }
 
-    rc = ngx_http_js_init_vm(r);
+    rc = ngx_http_js_init_vm(r, 1);
 
     if (rc == NGX_ERROR || rc == NGX_DECLINED) {
         return NGX_ERROR;
@@ -1051,7 +1092,7 @@ ngx_http_js_body_filter(ngx_http_request
         return ngx_http_next_body_filter(r, in);
     }
 
-    rc = ngx_http_js_init_vm(r);
+    rc = ngx_http_js_init_vm(r, 1);
 
     if (rc == NGX_ERROR || rc == NGX_DECLINED) {
         return NGX_ERROR;
@@ -1165,7 +1206,7 @@ ngx_http_js_variable_set(ngx_http_reques
     ngx_str_t           value;
     ngx_http_js_ctx_t  *ctx;
 
-    rc = ngx_http_js_init_vm(r);
+    rc = ngx_http_js_init_vm(r, 1);
 
     if (rc == NGX_ERROR) {
         return NGX_ERROR;
@@ -1239,7 +1280,7 @@ ngx_http_js_variable_var(ngx_http_reques
 
 
 static ngx_int_t
-ngx_http_js_init_vm(ngx_http_request_t *r)
+ngx_http_js_init_vm(ngx_http_request_t *r, unsigned inject_request)
 {
     njs_int_t                rc;
     ngx_str_t                exception;
@@ -1318,10 +1359,12 @@ ngx_http_js_init_vm(ngx_http_request_t *
         return NGX_ERROR;
     }
 
-    rc = njs_vm_external_create(ctx->vm, njs_value_arg(&ctx->request),
-                                ngx_http_js_request_proto_id, r, 0);
-    if (rc != NJS_OK) {
-        return NGX_ERROR;
+    if (inject_request) {
+        rc = njs_vm_external_create(ctx->vm, njs_value_arg(&ctx->request),
+                                    ngx_http_js_request_proto_id, r, 0);
+        if (rc != NJS_OK) {
+            return NGX_ERROR;
+        }
     }
 
     return NGX_OK;
@@ -4048,6 +4091,221 @@ ngx_http_js_location(njs_vm_t *vm, ngx_h
 }
 
 
+static void
+ngx_http_js_periodic_handler(ngx_event_t *ev)
+{
+    ngx_int_t               rc;
+    ngx_msec_t              timer;
+    ngx_connection_t       *c;
+    ngx_js_periodic_t      *periodic;
+    ngx_http_js_ctx_t      *ctx;
+    ngx_http_request_t     *r;
+    ngx_http_connection_t   hc;
+
+    periodic = ev->data;
+
+    timer = periodic->interval;
+
+    if (periodic->jitter) {
+        timer += (ngx_msec_t) ngx_random() % periodic->jitter;
+    }
+
+    ngx_add_timer(&periodic->event, timer);
+
+    c = periodic->connection;
+
+    if (c != NULL) {
+        ngx_log_error(NGX_LOG_ERR, c->log, 0,
+                      "http js periodic \"%V\" is already running, killing "
+                      "previous instance", &periodic->method);
+
+        ngx_http_js_periodic_finalize(c->data, NGX_ERROR);
+    }
+
+    ngx_log_debug1(NGX_LOG_DEBUG_HTTP, &periodic->log, 0,
+                   "http js periodic handler: \"%V\"", &periodic->method);
+
+    c = ngx_get_connection(0, &periodic->log);
+
+    if (c == NULL) {
+        return;
+    }
+
+    ngx_memzero(&hc, sizeof(ngx_http_connection_t));
+
+    hc.conf_ctx = periodic->conf_ctx;
+
+    c->data = &hc;
+
+    r = ngx_http_create_request(c);
+
+    if (r == NULL) {
+        ngx_free_connection(c);
+        c->fd = (ngx_socket_t) -1;
+        return;
+    }
+
+    c->data = r;
+    c->destroyed = 0;
+    c->pool = r->pool;
+    c->read->handler = ngx_http_js_periodic_shutdown_handler;
+
+    periodic->connection = c;
+    periodic->log_ctx.request = r;
+    periodic->log_ctx.connection = c;
+
+    r->method = NGX_HTTP_GET;
+    r->method_name = ngx_http_core_get_method;
+
+    ngx_str_set(&r->uri, "/");
+    r->unparsed_uri = r->uri;
+    r->valid_unparsed_uri = 1;
+
+    r->health_check = 1;
+    r->write_event_handler = ngx_http_js_periodic_write_event_handler;
+
+    rc = ngx_http_js_init_vm(r, 0);
+
+    if (rc != NGX_OK) {
+        ngx_http_js_periodic_destroy(r, periodic);
+        return;
+    }
+
+    ctx = ngx_http_get_module_ctx(r, ngx_http_js_module);
+
+    ctx->periodic = periodic;
+
+    r->count++;
+
+    rc = ngx_js_invoke(ctx->vm, &periodic->method, &periodic->log, NULL, 0,
+                       &ctx->retval);
+
+    if (rc == NGX_AGAIN) {
+        rc = NGX_OK;
+    }
+
+    r->count--;
+
+    ngx_http_js_periodic_finalize(r, rc);
+}
+
+
+static void
+ngx_http_js_periodic_write_event_handler(ngx_http_request_t *r)
+{
+    ngx_http_js_ctx_t  *ctx;
+
+    ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+                   "http js periodic write event handler");
+
+    ctx = ngx_http_get_module_ctx(r, ngx_http_js_module);
+
+    if (!njs_vm_pending(ctx->vm)) {
+        ngx_http_js_periodic_finalize(r, NGX_OK);
+        return;
+    }
+}
+
+
+static void
+ngx_http_js_periodic_shutdown_handler(ngx_event_t *ev)
+{
+    ngx_connection_t  *c;
+
+    c = ev->data;
+
+    ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
+                   "http js periodic shutdown handler");
+
+    if (c->close) {
+        ngx_http_js_periodic_finalize(c->data, NGX_ERROR);
+        return;
+    }
+
+    ngx_log_error(NGX_LOG_ERR, c->log, 0, "http js periodic shutdown handler "
+                  "while not closing");
+}
+
+
+static void
+ngx_http_js_periodic_finalize(ngx_http_request_t *r, ngx_int_t rc)
+{
+    ngx_http_js_ctx_t  *ctx;
+
+    ctx = ngx_http_get_module_ctx(r, ngx_http_js_module);
+
+    ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+                   "http js periodic finalize: \"%V\" rc: %i c: %i pending: %i",
+                   &ctx->periodic->method, rc, r->count,
+                   njs_vm_pending(ctx->vm));
+
+    if (r->count > 1 || (rc == NGX_OK && njs_vm_pending(ctx->vm))) {
+        return;
+    }
+
+    ngx_http_js_periodic_destroy(r, ctx->periodic);
+}
+
+
+static void
+ngx_http_js_periodic_destroy(ngx_http_request_t *r, ngx_js_periodic_t *periodic)
+{
+    ngx_connection_t    *c;
+    ngx_http_cleanup_t  *cln;
+
+    c = r->connection;
+
+    ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
+                   "http js periodic destroy: \"%V\"",
+                   &periodic->method);
+
+    periodic->connection = NULL;
+
+    for (cln = r->cleanup; cln; cln = cln->next) {
+        if (cln->handler) {
+            cln->handler(cln->data);
+        }
+    }
+
+    ngx_free_connection(c);
+
+    c->fd = (ngx_socket_t) -1;
+    c->pool = NULL;
+    c->destroyed = 1;
+
+    ngx_destroy_pool(r->pool);
+}
+
+
+static ngx_int_t
+ngx_http_js_periodic_init(ngx_js_periodic_t *periodic)
+{
+    ngx_log_t                 *log;
+    ngx_msec_t                 jitter;
+    ngx_http_core_loc_conf_t  *clcf;
+
+    clcf = ngx_http_get_module_loc_conf(periodic->conf_ctx,
+                                        ngx_http_core_module);
+    log = clcf->error_log;
+
+    ngx_memcpy(&periodic->log, log, sizeof(ngx_log_t));
+
+    periodic->log.data = &periodic->log_ctx;
+    periodic->connection = NULL;
+
+    periodic->event.handler = ngx_http_js_periodic_handler;
+    periodic->event.data = periodic;
+    periodic->event.log = log;
+    periodic->event.cancelable = 1;
+
+    jitter = periodic->jitter ? (ngx_msec_t) ngx_random() % periodic->jitter
+                              : 0;
+    ngx_add_timer(&periodic->event, jitter + 1);
+
+    return NGX_OK;
+}
+
+
 static njs_host_event_t
 ngx_http_js_set_timer(njs_external_ptr_t external, uint64_t delay,
     njs_vm_event_t vm_event)
@@ -4193,6 +4451,11 @@ ngx_http_js_handle_vm_event(ngx_http_req
         ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
                       "js exception: %V", &exception);
 
+        if (r->health_check) {
+            ngx_http_js_periodic_finalize(r, NGX_ERROR);
+            return;
+        }
+
         ngx_http_finalize_request(r, NGX_ERROR);
         return;
     }
@@ -4255,6 +4518,119 @@ ngx_http_js_init(ngx_conf_t *cf)
 }
 
 
+static ngx_int_t
+ngx_http_js_init_worker(ngx_cycle_t *cycle)
+{
+    ngx_uint_t           i;
+    ngx_js_periodic_t   *periodics;
+    ngx_js_main_conf_t  *jmcf;
+
+    if ((ngx_process != NGX_PROCESS_WORKER)
+        && ngx_process != NGX_PROCESS_SINGLE)
+    {
+        return NGX_OK;
+    }
+
+    jmcf = ngx_http_cycle_get_module_main_conf(cycle, ngx_http_js_module);
+
+    if (jmcf == NULL || jmcf->periodics == NULL) {
+        return NGX_OK;
+    }
+
+    periodics = jmcf->periodics->elts;
+
+    for (i = 0; i < jmcf->periodics->nelts; i++) {
+        periodics[i].fd = 1000000 + i;
+
+        if (ngx_http_js_periodic_init(&periodics[i]) != NGX_OK) {
+            return NGX_ERROR;
+        }
+    }
+
+    return NGX_OK;
+}
+
+
+static char *
+ngx_http_js_periodic(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    ngx_str_t           *value, s;
+    ngx_msec_t           interval, jitter;
+    ngx_uint_t           i;
+    ngx_js_periodic_t   *periodic;
+    ngx_js_main_conf_t  *jmcf;
+
+    if (cf->args->nelts < 2) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "method name is required");
+        return NGX_CONF_ERROR;
+    }
+
+    jmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_js_module);
+
+    if (jmcf->periodics == NULL) {
+        jmcf->periodics = ngx_array_create(cf->pool, 1,
+                                           sizeof(ngx_js_periodic_t));
+        if (jmcf->periodics == NULL) {
+            return NGX_CONF_ERROR;
+        }
+    }
+
+    periodic = ngx_array_push(jmcf->periodics);
+    if (periodic == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    ngx_memzero(periodic, sizeof(ngx_js_periodic_t));
+
+    jitter = 0;
+    interval = 5000;
+
+    value = cf->args->elts;
+
+    for (i = 2; i < cf->args->nelts; i++) {
+
+        if (ngx_strncmp(value[i].data, "interval=", 9) == 0) {
+            s.len = value[i].len - 9;
+            s.data = value[i].data + 9;
+
+            interval = ngx_parse_time(&s, 0);
+
+            if (interval == (ngx_msec_t) NGX_ERROR || interval == 0) {
+                goto invalid;
+            }
+
+            continue;
+        }
+
+        if (ngx_strncmp(value[i].data, "jitter=", 7) == 0) {
+            s.len = value[i].len - 7;
+            s.data = value[i].data + 7;
+
+            jitter = ngx_parse_time(&s, 0);
+
+            if (jitter == (ngx_msec_t) NGX_ERROR) {
+                goto invalid;
+            }
+
+            continue;
+        }
+
+invalid:
+
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "invalid parameter \"%V\"", &value[i]);
+        return NGX_CONF_ERROR;
+    }
+
+    periodic->method = value[1];
+    periodic->interval = interval;
+    periodic->jitter = jitter;
+    periodic->conf_ctx = cf->ctx;
+
+    return NGX_CONF_OK;
+}
+
+
 static char *
 ngx_http_js_set(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
 {
@@ -4429,6 +4805,7 @@ ngx_http_js_create_main_conf(ngx_conf_t 
      * set by ngx_pcalloc():
      *
      *     jmcf->dicts = NULL;
+     *     jmcf->periodics = NULL;
      */
 
     return jmcf;
diff -r 4cb8e873e8c6 -r f1bd0b1db065 nginx/ngx_js.h
--- a/nginx/ngx_js.h	Tue Aug 22 11:12:02 2023 -0700
+++ b/nginx/ngx_js.h	Tue Aug 22 11:13:09 2023 -0700
@@ -56,7 +56,8 @@ typedef struct {
 
 
 #define NGX_JS_COMMON_MAIN_CONF                                               \
-    ngx_js_dict_t         *dicts                                              \
+    ngx_js_dict_t         *dicts;                                             \
+    ngx_array_t           *periodics                                          \
 
 
 #define _NGX_JS_COMMON_LOC_CONF                                               \
diff -r 4cb8e873e8c6 -r f1bd0b1db065 nginx/ngx_stream_js_module.c
--- a/nginx/ngx_stream_js_module.c	Tue Aug 22 11:12:02 2023 -0700
+++ b/nginx/ngx_stream_js_module.c	Tue Aug 22 11:13:09 2023 -0700
@@ -28,6 +28,26 @@ typedef struct {
 
 
 typedef struct {
+    ngx_stream_conf_ctx_t  *conf_ctx;
+    ngx_connection_t       *connection;
+    void                   *padding;
+
+    /**
+     * fd is used for event debug and should be at the same position
+     * as in ngx_connection_t: after a 3rd pointer.
+     */
+    ngx_socket_t            fd;
+
+    ngx_str_t               method;
+    ngx_msec_t              interval;
+    ngx_msec_t              jitter;
+
+    ngx_log_t               log;
+    ngx_event_t             event;
+} ngx_js_periodic_t;
+
+
+typedef struct {
     njs_vm_t               *vm;
     njs_opaque_value_t      retval;
     njs_opaque_value_t      args[3];
@@ -43,6 +63,7 @@ typedef struct {
     ngx_stream_js_ev_t      events[2];
     unsigned                filter:1;
     unsigned                in_progress:1;
+    ngx_js_periodic_t      *periodic;
 } ngx_stream_js_ctx_t;
 
 
@@ -66,7 +87,8 @@ static ngx_int_t ngx_stream_js_variable_
     ngx_stream_variable_value_t *v, uintptr_t data);
 static ngx_int_t ngx_stream_js_variable_var(ngx_stream_session_t *s,
     ngx_stream_variable_value_t *v, uintptr_t data);
-static ngx_int_t ngx_stream_js_init_vm(ngx_stream_session_t *s);
+static ngx_int_t ngx_stream_js_init_vm(ngx_stream_session_t *s,
+    unsigned inject_session);
 static void ngx_stream_js_drop_events(ngx_stream_js_ctx_t *ctx);
 static void ngx_stream_js_cleanup(void *data);
 static njs_int_t ngx_stream_js_run_event(ngx_stream_session_t *s,
@@ -114,8 +136,18 @@ static size_t ngx_stream_js_max_response
 static void ngx_stream_js_handle_event(ngx_stream_session_t *s,
     njs_vm_event_t vm_event, njs_value_t *args, njs_uint_t nargs);
 
+static void ngx_stream_js_periodic_handler(ngx_event_t *ev);
+static void ngx_stream_js_periodic_event_handler(ngx_event_t *ev);
+static void ngx_stream_js_periodic_finalize(ngx_stream_session_t *s,
+    ngx_int_t rc);
+static void ngx_stream_js_periodic_destroy(ngx_stream_session_t *s,
+    ngx_js_periodic_t *periodic);
+
 static njs_int_t ngx_js_stream_init(njs_vm_t *vm);
 static ngx_int_t ngx_stream_js_init(ngx_conf_t *cf);
+static ngx_int_t ngx_stream_js_init_worker(ngx_cycle_t *cycle);
+static char *ngx_stream_js_periodic(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
 static char *ngx_stream_js_set(ngx_conf_t *cf, ngx_command_t *cmd,
     void *conf);
 static char *ngx_stream_js_var(ngx_conf_t *cf, ngx_command_t *cmd,
@@ -154,6 +186,13 @@ static ngx_command_t  ngx_stream_js_comm
       0,
       NULL },
 
+    { ngx_string("js_periodic"),
+      NGX_STREAM_SRV_CONF|NGX_CONF_ANY,
+      ngx_stream_js_periodic,
+      NGX_STREAM_SRV_CONF_OFFSET,
+      0,
+      NULL },
+
     { ngx_string("js_preload_object"),
       NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE13,
       ngx_js_preload_object,
@@ -293,7 +332,7 @@ ngx_module_t  ngx_stream_js_module = {
     NGX_STREAM_MODULE,              /* module type */
     NULL,                           /* init master */
     NULL,                           /* init module */
-    NULL,                           /* init process */
+    ngx_stream_js_init_worker,      /* init process */
     NULL,                           /* init thread */
     NULL,                           /* exit thread */
     NULL,                           /* exit process */
@@ -647,7 +686,7 @@ ngx_stream_js_phase_handler(ngx_stream_s
         return NGX_DECLINED;
     }
 
-    rc = ngx_stream_js_init_vm(s);
+    rc = ngx_stream_js_init_vm(s, 1);
     if (rc != NGX_OK) {
         return rc;
     }
@@ -728,7 +767,7 @@ ngx_stream_js_body_filter(ngx_stream_ses
     ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, "stream js filter u:%ui",
                    from_upstream);
 
-    rc = ngx_stream_js_init_vm(s);
+    rc = ngx_stream_js_init_vm(s, 1);
 
     if (rc == NGX_ERROR) {
         return NGX_ERROR;
@@ -836,7 +875,7 @@ ngx_stream_js_variable_set(ngx_stream_se
     ngx_str_t             value;
     ngx_stream_js_ctx_t  *ctx;
 
-    rc = ngx_stream_js_init_vm(s);
+    rc = ngx_stream_js_init_vm(s, 1);
 
     if (rc == NGX_ERROR) {
         return NGX_ERROR;
@@ -910,7 +949,7 @@ ngx_stream_js_variable_var(ngx_stream_se
 
 
 static ngx_int_t
-ngx_stream_js_init_vm(ngx_stream_session_t *s)
+ngx_stream_js_init_vm(ngx_stream_session_t *s, unsigned inject_session)
 {
     njs_int_t                  rc;
     njs_str_t                  key;
@@ -987,10 +1026,12 @@ ngx_stream_js_init_vm(ngx_stream_session
         return NGX_ERROR;
     }
 
-    rc = njs_vm_external_create(ctx->vm, njs_value_arg(&ctx->args[0]),
-                                ngx_stream_js_session_proto_id, s, 0);
-    if (rc != NJS_OK) {
-        return NGX_ERROR;
+    if (inject_session) {
+        rc = njs_vm_external_create(ctx->vm, njs_value_arg(&ctx->args[0]),
+                                    ngx_stream_js_session_proto_id, s, 0);
+        if (rc != NJS_OK) {
+            return NGX_ERROR;
+        }
     }
 
     return NGX_OK;
@@ -1695,12 +1736,21 @@ ngx_stream_js_handle_event(ngx_stream_se
 
     rc = njs_vm_run(ctx->vm);
 
+    ngx_log_debug2(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
+                   "stream js post event handler rc: %i event: %p",
+                   (ngx_int_t) rc, vm_event);
+
     if (rc == NJS_ERROR) {
         ngx_js_retval(ctx->vm, NULL, &exception);
 
         ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
                       "js exception: %V", &exception);
 
+        if (s->health_check) {
+            ngx_stream_js_periodic_finalize(s, NGX_ERROR);
+            return;
+        }
+
         ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
     }
 
@@ -1754,6 +1804,337 @@ ngx_stream_js_init_conf_vm(ngx_conf_t *c
 }
 
 
+static void
+ngx_stream_js_periodic_handler(ngx_event_t *ev)
+{
+    ngx_int_t                     rc;
+    ngx_msec_t                    timer;
+    ngx_js_periodic_t            *periodic;
+    ngx_connection_t             *c;
+    ngx_stream_js_ctx_t          *ctx;
+    ngx_stream_session_t         *s;
+    ngx_stream_core_main_conf_t  *cmcf;
+
+    periodic = ev->data;
+
+    timer = periodic->interval;
+
+    if (periodic->jitter) {
+        timer += (ngx_msec_t) ngx_random() % periodic->jitter;
+    }
+
+    ngx_add_timer(&periodic->event, timer);
+
+    c = periodic->connection;
+
+    if (c != NULL) {
+        ngx_log_error(NGX_LOG_ERR, c->log, 0,
+                      "js periodic \"%V\" is already running, killing previous "
+                      "instance", &periodic->method);
+
+        ngx_stream_js_periodic_finalize(c->data, NGX_ERROR);
+    }
+
+    ngx_log_debug1(NGX_LOG_DEBUG_STREAM, &periodic->log, 0,
+                   "stream js periodic handler: \"%V\"", &periodic->method);
+
+    c = ngx_get_connection(0, &periodic->log);
+
+    if (c == NULL) {
+        return;
+    }
+
+    c->pool = ngx_create_pool(1024, c->log);
+    if (c->pool == NULL) {
+        goto free_connection;
+    }
+
+    s = ngx_pcalloc(c->pool, sizeof(ngx_stream_session_t));
+    if (s == NULL) {
+        goto free_pool;
+    }
+
+    s->main_conf = periodic->conf_ctx->main_conf;
+    s->srv_conf = periodic->conf_ctx->srv_conf;
+
+    s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_stream_max_module);
+    if (s->ctx == NULL) {
+        goto free_pool;
+    }
+
+    cmcf = ngx_stream_get_module_main_conf(s, ngx_stream_core_module);
+
+    s->variables = ngx_pcalloc(c->pool, cmcf->variables.nelts
+                                        * sizeof(ngx_stream_variable_value_t));
+    if (s->variables == NULL) {
+        goto free_pool;
+    }
+
+    c->data = s;
+    c->destroyed = 0;
+    c->read->log = &periodic->log;
+    c->read->handler = ngx_stream_js_periodic_event_handler;
+
+    s->received = 1;
+    s->connection = c;
+    s->signature = NGX_STREAM_MODULE;
+
+    s->health_check = 1;
+
+    rc = ngx_stream_js_init_vm(s, 0);
+
+    if (rc != NGX_OK) {
+        ngx_stream_js_periodic_destroy(s, periodic);
+        return;
+    }
+
+    periodic->connection = c;
+
+    ctx = ngx_stream_get_module_ctx(s, ngx_stream_js_module);
+
+    ctx->periodic = periodic;
+
+    s->received++;
+
+    rc = ngx_js_invoke(ctx->vm, &periodic->method, &periodic->log, NULL, 0,
+                       &ctx->retval);
+
+    if (rc == NGX_AGAIN) {
+        rc = NGX_OK;
+    }
+
+    s->received--;
+
+    ngx_stream_js_periodic_finalize(s, rc);
+
+    return;
+
+free_pool:
+
+    ngx_destroy_pool(c->pool);
+
+free_connection:
+
+    ngx_close_connection(c);
+}
+
+
+static void
+ngx_stream_js_periodic_event_handler(ngx_event_t *ev)
+{
+    ngx_connection_t      *c;
+    ngx_stream_js_ctx_t   *ctx;
+    ngx_stream_session_t  *s;
+
+    c = ev->data;
+
+    ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
+                   "stream js periodic event handler");
+
+    if (c->close) {
+        ngx_stream_js_periodic_finalize(c->data, NGX_ERROR);
+        return;
+    }
+
+    s = c->data;
+
+    ctx = ngx_stream_get_module_ctx(s, ngx_stream_js_module);
+
+    if (!njs_vm_pending(ctx->vm)) {
+        ngx_stream_js_periodic_finalize(s, NGX_OK);
+        return;
+    }
+}
+
+
+static void
+ngx_stream_js_periodic_finalize(ngx_stream_session_t *s, ngx_int_t rc)
+{
+    ngx_stream_js_ctx_t  *ctx;
+
+    ctx = ngx_stream_get_module_ctx(s, ngx_stream_js_module);
+
+    ngx_log_debug4(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
+                   "stream js periodic finalize: \"%V\" rc: %i c: %i "
+                   "pending: %i", &ctx->periodic->method, rc, s->received,
+                   njs_vm_pending(ctx->vm));
+
+    if (s->received > 1 || (rc == NGX_OK && njs_vm_pending(ctx->vm))) {
+        return;
+    }
+
+    ngx_stream_js_periodic_destroy(s, ctx->periodic);
+}
+
+
+static void
+ngx_stream_js_periodic_destroy(ngx_stream_session_t *s,
+    ngx_js_periodic_t *periodic)
+{
+    ngx_connection_t  *c;
+
+    c = s->connection;
+
+    ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0,
+                   "stream js periodic request destroy: \"%V\"",
+                   &periodic->method);
+
+    periodic->connection = NULL;
+
+    ngx_free_connection(c);
+
+    ngx_destroy_pool(c->pool);
+
+    c->fd = (ngx_socket_t) -1;
+    c->pool = NULL;
+    c->destroyed = 1;
+
+    if (c->read->posted) {
+        ngx_delete_posted_event(c->read);
+    }
+}
+
+
+static ngx_int_t
+ngx_stream_js_periodic_init(ngx_js_periodic_t *periodic)
+{
+    ngx_log_t                   *log;
+    ngx_msec_t                   jitter;
+    ngx_stream_core_srv_conf_t  *cscf;
+
+    cscf = ngx_stream_get_module_srv_conf(periodic->conf_ctx,
+                                          ngx_stream_core_module);
+    log = cscf->error_log;
+
+    ngx_memcpy(&periodic->log, log, sizeof(ngx_log_t));
+
+    periodic->connection = NULL;
+
+    periodic->event.handler = ngx_stream_js_periodic_handler;
+    periodic->event.data = periodic;
+    periodic->event.log = log;
+    periodic->event.cancelable = 1;
+
+    jitter = periodic->jitter ? (ngx_msec_t) ngx_random() % periodic->jitter
+                              : 0;
+    ngx_add_timer(&periodic->event, jitter + 1);
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_stream_js_init_worker(ngx_cycle_t *cycle)
+{
+    ngx_uint_t           i;
+    ngx_js_periodic_t   *periodics;
+    ngx_js_main_conf_t  *jmcf;
+
+    if ((ngx_process != NGX_PROCESS_WORKER)
+        && ngx_process != NGX_PROCESS_SINGLE)
+    {
+        return NGX_OK;
+    }
+
+    jmcf = ngx_stream_cycle_get_module_main_conf(cycle, ngx_stream_js_module);
+
+    if (jmcf == NULL || jmcf->periodics == NULL) {
+        return NGX_OK;
+    }
+
+    periodics = jmcf->periodics->elts;
+
+    for (i = 0; i < jmcf->periodics->nelts; i++) {
+        periodics[i].fd = 1000000 + i;
+
+        if (ngx_stream_js_periodic_init(&periodics[i]) != NGX_OK) {
+            return NGX_ERROR;
+        }
+    }
+
+    return NGX_OK;
+}
+
+
+static char *
+ngx_stream_js_periodic(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    ngx_str_t           *value, s;
+    ngx_msec_t           interval, jitter;
+    ngx_uint_t           i;
+    ngx_js_periodic_t   *periodic;
+    ngx_js_main_conf_t  *jmcf;
+
+    if (cf->args->nelts < 2) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "method name is required");
+        return NGX_CONF_ERROR;
+    }
+
+    jmcf = ngx_stream_conf_get_module_main_conf(cf, ngx_stream_js_module);
+
+    if (jmcf->periodics == NULL) {
+        jmcf->periodics = ngx_array_create(cf->pool, 1,
+                                           sizeof(ngx_js_periodic_t));
+        if (jmcf->periodics == NULL) {
+            return NGX_CONF_ERROR;
+        }
+    }
+
+    periodic = ngx_array_push(jmcf->periodics);
+    if (periodic == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    ngx_memzero(periodic, sizeof(ngx_js_periodic_t));
+
+    jitter = 0;
+    interval = 5000;
+
+    value = cf->args->elts;
+
+    for (i = 2; i < cf->args->nelts; i++) {
+
+        if (ngx_strncmp(value[i].data, "interval=", 9) == 0) {
+            s.len = value[i].len - 9;
+            s.data = value[i].data + 9;
+
+            interval = ngx_parse_time(&s, 0);
+
+            if (interval == (ngx_msec_t) NGX_ERROR || interval == 0) {
+                goto invalid;
+            }
+
+            continue;
+        }

From pluknet at nginx.com  Tue Aug 22 20:01:17 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Wed, 23 Aug 2023 00:01:17 +0400
Subject: [PATCH] QUIC: posted generating TLS Key Update next keys
In-Reply-To: <4215a1d1426c23a06df6.1692634631@enoparse.local>
References: <4215a1d1426c23a06df6.1692634631@enoparse.local>
Message-ID: <C9BB626B-3882-4CFC-9417-25549D551A02@nginx.com>


> On 21 Aug 2023, at 20:17, Sergey Kandaurov <pluknet at nginx.com> wrote:
> 
> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1692634530 -14400
> #      Mon Aug 21 20:15:30 2023 +0400
> # Node ID 4215a1d1426c23a06df6229b986d36e838594a91
> # Parent  44536076405cf79ebdd82a6a0ab27bb3aed86b04
> QUIC: posted generating TLS Key Update next keys.
> 
> Since at least f9fbeb4ee0de, which TLS Key Update support predates,
> queued data output is deferred to a posted push handler.  To address
> timing signals, generating next keys is posted after handling frames,
> to run after posted push handler.
> 
> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> --- a/src/event/quic/ngx_event_quic.c
> +++ b/src/event/quic/ngx_event_quic.c
> @@ -283,6 +283,10 @@ ngx_quic_new_connection(ngx_connection_t
>     qc->path_validation.data = c;
>     qc->path_validation.handler = ngx_quic_path_handler;
> 
> +    qc->key_update.log = c->log;
> +    qc->key_update.data = c;
> +    qc->key_update.handler = ngx_quic_keys_update;
> +
>     qc->conf = conf;
> 
>     if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) {

A posted event should be removed on connection close, as otherwise
posting the event may produce use-after-free, which will happen on
ngx_quic_push_handler -> ngx_quic_output error path.
The patch to address this (to be folded to the changeset):

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -566,6 +566,10 @@ ngx_quic_close_connection(ngx_connection
         ngx_delete_posted_event(&qc->push);
     }
 
+    if (qc->key_update.posted) {
+        ngx_delete_posted_event(&qc->key_update);
+    }
+
     if (qc->close.timer_set) {
         return;
     }

> @@ -1055,7 +1059,9 @@ ngx_quic_handle_payload(ngx_connection_t
>         return rc;
>     }
> 
> -    return ngx_quic_keys_update(c, qc->keys);
> +    ngx_post_event(&qc->key_update, &ngx_posted_events);
> +
> +    return NGX_OK;
> }
> 
> 
> diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
> --- a/src/event/quic/ngx_event_quic_connection.h
> +++ b/src/event/quic/ngx_event_quic_connection.h
> @@ -230,6 +230,8 @@ struct ngx_quic_connection_s {
>     ngx_event_t                       pto;
>     ngx_event_t                       close;
>     ngx_event_t                       path_validation;
> +    ngx_event_t                       key_update;
> +
>     ngx_msec_t                        last_cc;
> 
>     ngx_msec_t                        first_rtt;
> diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
> --- a/src/event/quic/ngx_event_quic_protection.c
> +++ b/src/event/quic/ngx_event_quic_protection.c
> @@ -700,13 +700,20 @@ ngx_quic_keys_switch(ngx_connection_t *c
> }
> 
> 
> -ngx_int_t
> -ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys)
> +void
> +ngx_quic_keys_update(ngx_event_t *ev)
> {
> -    ngx_uint_t           i;
> -    ngx_quic_hkdf_t      seq[6];
> -    ngx_quic_ciphers_t   ciphers;
> -    ngx_quic_secrets_t  *current, *next;
> +    ngx_uint_t              i;
> +    ngx_quic_hkdf_t         seq[6];
> +    ngx_quic_keys_t        *keys;
> +    ngx_connection_t       *c;
> +    ngx_quic_ciphers_t      ciphers;
> +    ngx_quic_secrets_t     *current, *next;
> +    ngx_quic_connection_t  *qc;
> +
> +    c = ev->data;
> +    qc = ngx_quic_get_connection(c);
> +    keys = qc->keys;
> 
>     current = &keys->secrets[ssl_encryption_application];
>     next = &keys->next_key;
> @@ -716,7 +723,7 @@ ngx_quic_keys_update(ngx_connection_t *c
>     if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application)
>         == NGX_ERROR)
>     {
> -        return NGX_ERROR;
> +        goto failed;
>     }
> 
>     next->client.secret.len = current->client.secret.len;
> @@ -744,11 +751,15 @@ ngx_quic_keys_update(ngx_connection_t *c
> 
>     for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
>         if (ngx_quic_hkdf_expand(&seq[i], ciphers.d, c->log) != NGX_OK) {
> -            return NGX_ERROR;
> +            goto failed;
>         }
>     }
> 
> -    return NGX_OK;
> +    return;
> +
> +failed:
> +
> +    ngx_quic_close_connection(c, NGX_ERROR);
> }
> 
> 
> diff --git a/src/event/quic/ngx_event_quic_protection.h b/src/event/quic/ngx_event_quic_protection.h
> --- a/src/event/quic/ngx_event_quic_protection.h
> +++ b/src/event/quic/ngx_event_quic_protection.h
> @@ -99,7 +99,7 @@ ngx_uint_t ngx_quic_keys_available(ngx_q
> void ngx_quic_keys_discard(ngx_quic_keys_t *keys,
>     enum ssl_encryption_level_t level);
> void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys);
> -ngx_int_t ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys);
> +void ngx_quic_keys_update(ngx_event_t *ev);
> ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res);
> ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn);
> void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn);
> diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
> --- a/src/event/quic/ngx_event_quic_ssl.c
> +++ b/src/event/quic/ngx_event_quic_ssl.c
> @@ -482,9 +482,7 @@ ngx_quic_crypto_input(ngx_connection_t *
>      * Generating next keys before a key update is received.
>      */
> 
> -    if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) {
> -        return NGX_ERROR;
> -    }
> +    ngx_post_event(&qc->key_update, &ngx_posted_events);
> 
>     /*
>      * RFC 9001, 4.9.2.  Discarding Handshake Keys

-- 
Sergey Kandaurov

From arut at nginx.com  Wed Aug 23 11:35:19 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Wed, 23 Aug 2023 15:35:19 +0400
Subject: [PATCH] QUIC: posted generating TLS Key Update next keys
In-Reply-To: <4215a1d1426c23a06df6.1692634631@enoparse.local>
References: <4215a1d1426c23a06df6.1692634631@enoparse.local>
Message-ID: <20230823113519.hnthpv6c62nhgqt6@N00W24XTQX>

Hi,

On Mon, Aug 21, 2023 at 08:17:11PM +0400, Sergey Kandaurov wrote:
> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1692634530 -14400
> #      Mon Aug 21 20:15:30 2023 +0400
> # Node ID 4215a1d1426c23a06df6229b986d36e838594a91
> # Parent  44536076405cf79ebdd82a6a0ab27bb3aed86b04
> QUIC: posted generating TLS Key Update next keys.
> 
> Since at least f9fbeb4ee0de, which TLS Key Update support predates,
> queued data output is deferred to a posted push handler.  To address
> timing signals, generating next keys is posted after handling frames,
> to run after posted push handler.
> 
> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> --- a/src/event/quic/ngx_event_quic.c
> +++ b/src/event/quic/ngx_event_quic.c
> @@ -283,6 +283,10 @@ ngx_quic_new_connection(ngx_connection_t
>      qc->path_validation.data = c;
>      qc->path_validation.handler = ngx_quic_path_handler;
>  
> +    qc->key_update.log = c->log;
> +    qc->key_update.data = c;
> +    qc->key_update.handler = ngx_quic_keys_update;

As discussed before (and addressed in the followup patch), this event
should be removed on connection close.

>      qc->conf = conf;
>  
>      if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) {
> @@ -1055,7 +1059,9 @@ ngx_quic_handle_payload(ngx_connection_t
>          return rc;
>      }

Unrelated to the patch, but setting the log action above this call
does not seem to make sense.  Also, I'd change the way it's set in
ngx_quic_handle_frames().

> -    return ngx_quic_keys_update(c, qc->keys);
> +    ngx_post_event(&qc->key_update, &ngx_posted_events);

IMHO the code above can be simplified now to become something like this:

    pkt->received = ngx_current_msec;                                            
                                                                                 
    if (pkt->level == ssl_encryption_application && pkt->key_update) {           
        /* switch keys and generate next on Key Phase change */                  
                                                                                 
        qc->key_phase ^= 1;                                                      
        ngx_quic_keys_switch(c, qc->keys);                                       
        ngx_post_event(&qc->key_update, &ngx_posted_events);                     
    }                                                                            
                                                                                 
    return ngx_quic_handle_frames(c, pkt); 

You may argue that in case of error key update will be posted while it's not
needed, but this situtation is still possible if we receive two packets and
the second one triggers an error.  Also, the situation is similar to pto
handlers.  We may add connection close checks to event handlers to optimize the
behavior (not sure though).

> +
> +    return NGX_OK;
>  }
>  
>  
> diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
> --- a/src/event/quic/ngx_event_quic_connection.h
> +++ b/src/event/quic/ngx_event_quic_connection.h
> @@ -230,6 +230,8 @@ struct ngx_quic_connection_s {
>      ngx_event_t                       pto;
>      ngx_event_t                       close;
>      ngx_event_t                       path_validation;
> +    ngx_event_t                       key_update;
> +
>      ngx_msec_t                        last_cc;
>  
>      ngx_msec_t                        first_rtt;
> diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
> --- a/src/event/quic/ngx_event_quic_protection.c
> +++ b/src/event/quic/ngx_event_quic_protection.c
> @@ -700,13 +700,20 @@ ngx_quic_keys_switch(ngx_connection_t *c
>  }
>  
>  
> -ngx_int_t
> -ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys)
> +void
> +ngx_quic_keys_update(ngx_event_t *ev)
>  {
> -    ngx_uint_t           i;
> -    ngx_quic_hkdf_t      seq[6];
> -    ngx_quic_ciphers_t   ciphers;
> -    ngx_quic_secrets_t  *current, *next;
> +    ngx_uint_t              i;
> +    ngx_quic_hkdf_t         seq[6];
> +    ngx_quic_keys_t        *keys;
> +    ngx_connection_t       *c;
> +    ngx_quic_ciphers_t      ciphers;
> +    ngx_quic_secrets_t     *current, *next;
> +    ngx_quic_connection_t  *qc;

Now this functions needs a log action.  Similarly, pto handlers need it as well.

> +    c = ev->data;
> +    qc = ngx_quic_get_connection(c);
> +    keys = qc->keys;
>  
>      current = &keys->secrets[ssl_encryption_application];
>      next = &keys->next_key;
> @@ -716,7 +723,7 @@ ngx_quic_keys_update(ngx_connection_t *c
>      if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application)
>          == NGX_ERROR)
>      {
> -        return NGX_ERROR;
> +        goto failed;
>      }
>  
>      next->client.secret.len = current->client.secret.len;
> @@ -744,11 +751,15 @@ ngx_quic_keys_update(ngx_connection_t *c
>  
>      for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
>          if (ngx_quic_hkdf_expand(&seq[i], ciphers.d, c->log) != NGX_OK) {
> -            return NGX_ERROR;
> +            goto failed;
>          }
>      }
>  
> -    return NGX_OK;
> +    return;
> +
> +failed:
> +
> +    ngx_quic_close_connection(c, NGX_ERROR);
>  }
>  
>  
> diff --git a/src/event/quic/ngx_event_quic_protection.h b/src/event/quic/ngx_event_quic_protection.h
> --- a/src/event/quic/ngx_event_quic_protection.h
> +++ b/src/event/quic/ngx_event_quic_protection.h
> @@ -99,7 +99,7 @@ ngx_uint_t ngx_quic_keys_available(ngx_q
>  void ngx_quic_keys_discard(ngx_quic_keys_t *keys,
>      enum ssl_encryption_level_t level);
>  void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys);
> -ngx_int_t ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys);
> +void ngx_quic_keys_update(ngx_event_t *ev);
>  ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res);
>  ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn);
>  void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn);
> diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
> --- a/src/event/quic/ngx_event_quic_ssl.c
> +++ b/src/event/quic/ngx_event_quic_ssl.c
> @@ -482,9 +482,7 @@ ngx_quic_crypto_input(ngx_connection_t *
>       * Generating next keys before a key update is received.
>       */
>  
> -    if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) {
> -        return NGX_ERROR;
> -    }
> +    ngx_post_event(&qc->key_update, &ngx_posted_events);
>  
>      /*
>       * RFC 9001, 4.9.2.  Discarding Handshake Keys
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

--
Roman Arutyunyan

From pluknet at nginx.com  Wed Aug 23 12:26:15 2023
From: pluknet at nginx.com (=?iso-8859-1?q?Sergey_Kandaurov?=)
Date: Wed, 23 Aug 2023 16:26:15 +0400
Subject: [PATCH] Tests: allow to run ssl_curve.t on BoringSSL
Message-ID: <fae298d5f8d649af8006.1692793575@enoparse.local>

# HG changeset patch
# User Sergey Kandaurov <pluknet at nginx.com>
# Date 1692793549 -14400
#      Wed Aug 23 16:25:49 2023 +0400
# Node ID fae298d5f8d649af8006707b2f2856cc07f220b9
# Parent  4d13c9e74d04bb6cdd83923ded045d665adc5226
Tests: allow to run ssl_curve.t on BoringSSL.

Recently BoringSSL has got SSL_get_negotiated_group(),
which makes $ssl_curve to return the expected value.

While here, moved SSL library check to runtime.

diff --git a/ssl_curve.t b/ssl_curve.t
--- a/ssl_curve.t
+++ b/ssl_curve.t
@@ -23,7 +23,7 @@ select STDERR; $| = 1;
 select STDOUT; $| = 1;
 
 my $t = Test::Nginx->new()
-	->has(qw/http http_ssl rewrite socket_ssl openssl:3.0.0/)
+	->has(qw/http http_ssl rewrite socket_ssl/)
 	->has_daemon('openssl');
 
 $t->write_file_expand('nginx.conf', <<'EOF');
@@ -75,6 +75,10 @@ foreach my $name ('localhost') {
 
 ###############################################################################
 
+local $TODO = 'OpenSSL too old'
+	unless $t->has_feature('openssl:3.0.0')
+	or $t->has_module('BoringSSL');
+
 like(http_get('/curve', SSL => 1), qr/^prime256v1 /m, 'ssl curve');
 
 ###############################################################################

From v.zhestikov at f5.com  Wed Aug 23 17:12:20 2023
From: v.zhestikov at f5.com (Vadim Zhestikov)
Date: Wed, 23 Aug 2023 17:12:20 +0000
Subject: [njs] Fixed building by GCC with -O3.
Message-ID: <hg.c0f581b26e84.1692810740.5965299922797593991@dev.nginx>

details:   https://hg.nginx.org/njs/rev/c0f581b26e84
branches:  
changeset: 2185:c0f581b26e84
user:      Vadim Zhestikov <v.zhestikov at f5.com>
date:      Wed Aug 23 10:09:22 2023 -0700
description:
Fixed building by GCC with -O3.

diffstat:

 src/njs_array.c |  3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diffs (13 lines):

diff -r f1bd0b1db065 -r c0f581b26e84 src/njs_array.c
--- a/src/njs_array.c	Tue Aug 22 11:13:09 2023 -0700
+++ b/src/njs_array.c	Wed Aug 23 10:09:22 2023 -0700
@@ -2952,6 +2952,9 @@ njs_array_prototype_sort(njs_vm_t *vm, n
         return ret;
     }
 
+    /* Satisfy gcc -O3 */
+    nslots = 0;
+
     slots = njs_sort_indexed_properties(vm, this, length, compare, 1, &nslots,
                                         &nunds);
     if (njs_slow_path(slots == NULL)) {

From mdounin at mdounin.ru  Wed Aug 23 17:13:12 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 23 Aug 2023 20:13:12 +0300
Subject: [PATCH] Tests: allow to run ssl_curve.t on BoringSSL
In-Reply-To: <fae298d5f8d649af8006.1692793575@enoparse.local>
References: <fae298d5f8d649af8006.1692793575@enoparse.local>
Message-ID: <ZOY+KDRtn0sFKq94@mdounin.ru>

Hello!

On Wed, Aug 23, 2023 at 04:26:15PM +0400, Sergey Kandaurov wrote:

> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1692793549 -14400
> #      Wed Aug 23 16:25:49 2023 +0400
> # Node ID fae298d5f8d649af8006707b2f2856cc07f220b9
> # Parent  4d13c9e74d04bb6cdd83923ded045d665adc5226
> Tests: allow to run ssl_curve.t on BoringSSL.

allowed ssl_curve.t to run ...
?

> 
> Recently BoringSSL has got SSL_get_negotiated_group(),
> which makes $ssl_curve to return the expected value.
> 
> While here, moved SSL library check to runtime.

You probably mean "converted ... into TODO"?

(Also, it might be the time to drop try_run() here, as well as 
other 1.21.x version checks in the test suite.  It should be a 
separate patch though.)

> 
> diff --git a/ssl_curve.t b/ssl_curve.t
> --- a/ssl_curve.t
> +++ b/ssl_curve.t
> @@ -23,7 +23,7 @@ select STDERR; $| = 1;
>  select STDOUT; $| = 1;
>  
>  my $t = Test::Nginx->new()
> -	->has(qw/http http_ssl rewrite socket_ssl openssl:3.0.0/)
> +	->has(qw/http http_ssl rewrite socket_ssl/)
>  	->has_daemon('openssl');
>  
>  $t->write_file_expand('nginx.conf', <<'EOF');
> @@ -75,6 +75,10 @@ foreach my $name ('localhost') {
>  
>  ###############################################################################
>  
> +local $TODO = 'OpenSSL too old'
> +	unless $t->has_feature('openssl:3.0.0')
> +	or $t->has_module('BoringSSL');
> +
>  like(http_get('/curve', SSL => 1), qr/^prime256v1 /m, 'ssl curve');
>  
>  ###############################################################################

Otherwise looks good.

-- 
Maxim Dounin
http://mdounin.ru/

From pluknet at nginx.com  Thu Aug 24 06:51:46 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 24 Aug 2023 10:51:46 +0400
Subject: [PATCH] Tests: allow to run ssl_curve.t on BoringSSL
In-Reply-To: <ZOY+KDRtn0sFKq94@mdounin.ru>
References: <fae298d5f8d649af8006.1692793575@enoparse.local>
 <ZOY+KDRtn0sFKq94@mdounin.ru>
Message-ID: <56213186-3B91-486D-B480-BD15D1643C3C@nginx.com>


> On 23 Aug 2023, at 21:13, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> Hello!
> 
> On Wed, Aug 23, 2023 at 04:26:15PM +0400, Sergey Kandaurov wrote:
> 
>> # HG changeset patch
>> # User Sergey Kandaurov <pluknet at nginx.com>
>> # Date 1692793549 -14400
>> #      Wed Aug 23 16:25:49 2023 +0400
>> # Node ID fae298d5f8d649af8006707b2f2856cc07f220b9
>> # Parent  4d13c9e74d04bb6cdd83923ded045d665adc5226
>> Tests: allow to run ssl_curve.t on BoringSSL.
> 
> allowed ssl_curve.t to run ...
> ?

Sure, tnx.

> 
>> 
>> Recently BoringSSL has got SSL_get_negotiated_group(),
>> which makes $ssl_curve to return the expected value.
>> 
>> While here, moved SSL library check to runtime.
> 
> You probably mean "converted ... into TODO"?
> 

Yep, that was another variant actually, applied.

> (Also, it might be the time to drop try_run() here, as well as 
> other 1.21.x version checks in the test suite.  It should be a 
> separate patch though.)

Agreed, I will take care of it soon.

> 
>> 
>> diff --git a/ssl_curve.t b/ssl_curve.t
>> --- a/ssl_curve.t
>> +++ b/ssl_curve.t
>> @@ -23,7 +23,7 @@ select STDERR; $| = 1;
>> select STDOUT; $| = 1;
>> 
>> my $t = Test::Nginx->new()
>> -	->has(qw/http http_ssl rewrite socket_ssl openssl:3.0.0/)
>> +	->has(qw/http http_ssl rewrite socket_ssl/)
>> 	->has_daemon('openssl');
>> 
>> $t->write_file_expand('nginx.conf', <<'EOF');
>> @@ -75,6 +75,10 @@ foreach my $name ('localhost') {
>> 
>> ###############################################################################
>> 
>> +local $TODO = 'OpenSSL too old'
>> +	unless $t->has_feature('openssl:3.0.0')
>> +	or $t->has_module('BoringSSL');
>> +
>> like(http_get('/curve', SSL => 1), qr/^prime256v1 /m, 'ssl curve');
>> 
>> ###############################################################################
> 
> Otherwise looks good.
> 

-- 
Sergey Kandaurov

From pluknet at nginx.com  Thu Aug 24 15:37:24 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 24 Aug 2023 19:37:24 +0400
Subject: [PATCH] QUIC: posted generating TLS Key Update next keys
In-Reply-To: <20230823113519.hnthpv6c62nhgqt6@N00W24XTQX>
References: <4215a1d1426c23a06df6.1692634631@enoparse.local>
 <20230823113519.hnthpv6c62nhgqt6@N00W24XTQX>
Message-ID: <757009F0-B297-4889-B28F-C6ABBD7C6CBC@nginx.com>


> On 23 Aug 2023, at 15:35, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> Hi,
> 
> On Mon, Aug 21, 2023 at 08:17:11PM +0400, Sergey Kandaurov wrote:
>> # HG changeset patch
>> # User Sergey Kandaurov <pluknet at nginx.com>
>> # Date 1692634530 -14400
>> #      Mon Aug 21 20:15:30 2023 +0400
>> # Node ID 4215a1d1426c23a06df6229b986d36e838594a91
>> # Parent  44536076405cf79ebdd82a6a0ab27bb3aed86b04
>> QUIC: posted generating TLS Key Update next keys.
>> 
>> Since at least f9fbeb4ee0de, which TLS Key Update support predates,
>> queued data output is deferred to a posted push handler.  To address
>> timing signals, generating next keys is posted after handling frames,
>> to run after posted push handler.
>> 
>> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
>> --- a/src/event/quic/ngx_event_quic.c
>> +++ b/src/event/quic/ngx_event_quic.c
>> @@ -283,6 +283,10 @@ ngx_quic_new_connection(ngx_connection_t
>>     qc->path_validation.data = c;
>>     qc->path_validation.handler = ngx_quic_path_handler;
>> 
>> +    qc->key_update.log = c->log;
>> +    qc->key_update.data = c;
>> +    qc->key_update.handler = ngx_quic_keys_update;
> 
> As discussed before (and addressed in the followup patch), this event
> should be removed on connection close.
> 
>>     qc->conf = conf;
>> 
>>     if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) {
>> @@ -1055,7 +1059,9 @@ ngx_quic_handle_payload(ngx_connection_t
>>         return rc;
>>     }
> 
> Unrelated to the patch, but setting the log action above this call
> does not seem to make sense.  Also, I'd change the way it's set in
> ngx_quic_handle_frames().
> 
>> -    return ngx_quic_keys_update(c, qc->keys);
>> +    ngx_post_event(&qc->key_update, &ngx_posted_events);
> 
> IMHO the code above can be simplified now to become something like this:
> 
>    pkt->received = ngx_current_msec;                                            
> 
>    if (pkt->level == ssl_encryption_application && pkt->key_update) {           
>        /* switch keys and generate next on Key Phase change */                  
> 
>        qc->key_phase ^= 1;                                                      
>        ngx_quic_keys_switch(c, qc->keys);                                       
>        ngx_post_event(&qc->key_update, &ngx_posted_events);                     
>    }                                                                            
> 
>    return ngx_quic_handle_frames(c, pkt); 
> 
> You may argue that in case of error key update will be posted while it's not
> needed, but this situtation is still possible if we receive two packets and
> the second one triggers an error.  Also, the situation is similar to pto
> handlers.  We may add connection close checks to event handlers to optimize the
> behavior (not sure though).

I don't think it's a good idea.
To prevent a possibility to create a timing signal, generating new
keys should be made after packet processing (including sending part).
Posting the key update event as proposed makes it possible to execute
the event before the push event if it's posted while handing frames,
which makes generating new keys a part of packet processing.

>> [..]
>> -ngx_int_t
>> -ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys)
>> +void
>> +ngx_quic_keys_update(ngx_event_t *ev)
>> {
>> -    ngx_uint_t           i;
>> -    ngx_quic_hkdf_t      seq[6];
>> -    ngx_quic_ciphers_t   ciphers;
>> -    ngx_quic_secrets_t  *current, *next;
>> +    ngx_uint_t              i;
>> +    ngx_quic_hkdf_t         seq[6];
>> +    ngx_quic_keys_t        *keys;
>> +    ngx_connection_t       *c;
>> +    ngx_quic_ciphers_t      ciphers;
>> +    ngx_quic_secrets_t     *current, *next;
>> +    ngx_quic_connection_t  *qc;
> 
> Now this functions needs a log action.  Similarly, pto handlers need it as well.

Added a log action.

Slightly updated commit message to clarify rationale.

# HG changeset patch
# User Sergey Kandaurov <pluknet at nginx.com>
# Date 1692891114 -14400
#      Thu Aug 24 19:31:54 2023 +0400
# Node ID f349e28c0cf06d69b148660e7ae01a4038384a43
# Parent  44536076405cf79ebdd82a6a0ab27bb3aed86b04
QUIC: posted generating TLS Key Update next keys.

Since at least f9fbeb4ee0de and apparently after 924882f42dea, which
TLS Key Update support predates, queued data output is deferred to a
posted push handler.  To address timing signals after these changes,
generating next keys is made posted to run after the push handler,
which may be posted while handling frames.

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -283,6 +283,10 @@ ngx_quic_new_connection(ngx_connection_t
     qc->path_validation.data = c;
     qc->path_validation.handler = ngx_quic_path_handler;
 
+    qc->key_update.log = c->log;
+    qc->key_update.data = c;
+    qc->key_update.handler = ngx_quic_keys_update;
+
     qc->conf = conf;
 
     if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) {
@@ -562,6 +566,10 @@ ngx_quic_close_connection(ngx_connection
         ngx_delete_posted_event(&qc->push);
     }
 
+    if (qc->key_update.posted) {
+        ngx_delete_posted_event(&qc->key_update);
+    }
+
     if (qc->close.timer_set) {
         return;
     }
@@ -1055,7 +1063,9 @@ ngx_quic_handle_payload(ngx_connection_t
         return rc;
     }
 
-    return ngx_quic_keys_update(c, qc->keys);
+    ngx_post_event(&qc->key_update, &ngx_posted_events);
+
+    return NGX_OK;
 }
 
 
diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
--- a/src/event/quic/ngx_event_quic_connection.h
+++ b/src/event/quic/ngx_event_quic_connection.h
@@ -230,6 +230,8 @@ struct ngx_quic_connection_s {
     ngx_event_t                       pto;
     ngx_event_t                       close;
     ngx_event_t                       path_validation;
+    ngx_event_t                       key_update;
+
     ngx_msec_t                        last_cc;
 
     ngx_msec_t                        first_rtt;
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -700,23 +700,32 @@ ngx_quic_keys_switch(ngx_connection_t *c
 }
 
 
-ngx_int_t
-ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys)
+void
+ngx_quic_keys_update(ngx_event_t *ev)
 {
-    ngx_uint_t           i;
-    ngx_quic_hkdf_t      seq[6];
-    ngx_quic_ciphers_t   ciphers;
-    ngx_quic_secrets_t  *current, *next;
+    ngx_uint_t              i;
+    ngx_quic_hkdf_t         seq[6];
+    ngx_quic_keys_t        *keys;
+    ngx_connection_t       *c;
+    ngx_quic_ciphers_t      ciphers;
+    ngx_quic_secrets_t     *current, *next;
+    ngx_quic_connection_t  *qc;
+
+    c = ev->data;
+    qc = ngx_quic_get_connection(c);
+    keys = qc->keys;
 
     current = &keys->secrets[ssl_encryption_application];
     next = &keys->next_key;
 
     ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic key update");
 
+    c->log->action = "updating keys";
+
     if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application)
         == NGX_ERROR)
     {
-        return NGX_ERROR;
+        goto failed;
     }
 
     next->client.secret.len = current->client.secret.len;
@@ -744,11 +753,15 @@ ngx_quic_keys_update(ngx_connection_t *c
 
     for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
         if (ngx_quic_hkdf_expand(&seq[i], ciphers.d, c->log) != NGX_OK) {
-            return NGX_ERROR;
+            goto failed;
         }
     }
 
-    return NGX_OK;
+    return;
+
+failed:
+
+    ngx_quic_close_connection(c, NGX_ERROR);
 }
 
 
diff --git a/src/event/quic/ngx_event_quic_protection.h b/src/event/quic/ngx_event_quic_protection.h
--- a/src/event/quic/ngx_event_quic_protection.h
+++ b/src/event/quic/ngx_event_quic_protection.h
@@ -99,7 +99,7 @@ ngx_uint_t ngx_quic_keys_available(ngx_q
 void ngx_quic_keys_discard(ngx_quic_keys_t *keys,
     enum ssl_encryption_level_t level);
 void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys);
-ngx_int_t ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys);
+void ngx_quic_keys_update(ngx_event_t *ev);
 ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res);
 ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn);
 void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn);
diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -482,9 +482,7 @@ ngx_quic_crypto_input(ngx_connection_t *
      * Generating next keys before a key update is received.
      */
 
-    if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) {
-        return NGX_ERROR;
-    }
+    ngx_post_event(&qc->key_update, &ngx_posted_events);
 
     /*
      * RFC 9001, 4.9.2.  Discarding Handshake Keys

-- 
Sergey Kandaurov

From arut at nginx.com  Fri Aug 25 09:53:41 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Fri, 25 Aug 2023 13:53:41 +0400
Subject: [PATCH] QUIC: posted generating TLS Key Update next keys
In-Reply-To: <757009F0-B297-4889-B28F-C6ABBD7C6CBC@nginx.com>
References: <4215a1d1426c23a06df6.1692634631@enoparse.local>
 <20230823113519.hnthpv6c62nhgqt6@N00W24XTQX>
 <757009F0-B297-4889-B28F-C6ABBD7C6CBC@nginx.com>
Message-ID: <20230825095341.f4xbusxikpwfgecu@N00W24XTQX>

Hi,

On Thu, Aug 24, 2023 at 07:37:24PM +0400, Sergey Kandaurov wrote:
> 
> > On 23 Aug 2023, at 15:35, Roman Arutyunyan <arut at nginx.com> wrote:
> > 
> > Hi,
> > 
> > On Mon, Aug 21, 2023 at 08:17:11PM +0400, Sergey Kandaurov wrote:
> >> # HG changeset patch
> >> # User Sergey Kandaurov <pluknet at nginx.com>
> >> # Date 1692634530 -14400
> >> #      Mon Aug 21 20:15:30 2023 +0400
> >> # Node ID 4215a1d1426c23a06df6229b986d36e838594a91
> >> # Parent  44536076405cf79ebdd82a6a0ab27bb3aed86b04
> >> QUIC: posted generating TLS Key Update next keys.
> >> 
> >> Since at least f9fbeb4ee0de, which TLS Key Update support predates,
> >> queued data output is deferred to a posted push handler.  To address
> >> timing signals, generating next keys is posted after handling frames,
> >> to run after posted push handler.
> >> 
> >> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> >> --- a/src/event/quic/ngx_event_quic.c
> >> +++ b/src/event/quic/ngx_event_quic.c
> >> @@ -283,6 +283,10 @@ ngx_quic_new_connection(ngx_connection_t
> >>     qc->path_validation.data = c;
> >>     qc->path_validation.handler = ngx_quic_path_handler;
> >> 
> >> +    qc->key_update.log = c->log;
> >> +    qc->key_update.data = c;
> >> +    qc->key_update.handler = ngx_quic_keys_update;
> > 
> > As discussed before (and addressed in the followup patch), this event
> > should be removed on connection close.
> > 
> >>     qc->conf = conf;
> >> 
> >>     if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) {
> >> @@ -1055,7 +1059,9 @@ ngx_quic_handle_payload(ngx_connection_t
> >>         return rc;
> >>     }
> > 
> > Unrelated to the patch, but setting the log action above this call
> > does not seem to make sense.  Also, I'd change the way it's set in
> > ngx_quic_handle_frames().
> > 
> >> -    return ngx_quic_keys_update(c, qc->keys);
> >> +    ngx_post_event(&qc->key_update, &ngx_posted_events);
> > 
> > IMHO the code above can be simplified now to become something like this:
> > 
> >    pkt->received = ngx_current_msec;                                            
> > 
> >    if (pkt->level == ssl_encryption_application && pkt->key_update) {           
> >        /* switch keys and generate next on Key Phase change */                  
> > 
> >        qc->key_phase ^= 1;                                                      
> >        ngx_quic_keys_switch(c, qc->keys);                                       
> >        ngx_post_event(&qc->key_update, &ngx_posted_events);                     
> >    }                                                                            
> > 
> >    return ngx_quic_handle_frames(c, pkt); 
> > 
> > You may argue that in case of error key update will be posted while it's not
> > needed, but this situtation is still possible if we receive two packets and
> > the second one triggers an error.  Also, the situation is similar to pto
> > handlers.  We may add connection close checks to event handlers to optimize the
> > behavior (not sure though).
> 
> I don't think it's a good idea.
> To prevent a possibility to create a timing signal, generating new
> keys should be made after packet processing (including sending part).
> Posting the key update event as proposed makes it possible to execute
> the event before the push event if it's posted while handing frames,
> which makes generating new keys a part of packet processing.

Yes, you're right.  Let's leave it as it is.

> >> [..]
> >> -ngx_int_t
> >> -ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys)
> >> +void
> >> +ngx_quic_keys_update(ngx_event_t *ev)
> >> {
> >> -    ngx_uint_t           i;
> >> -    ngx_quic_hkdf_t      seq[6];
> >> -    ngx_quic_ciphers_t   ciphers;
> >> -    ngx_quic_secrets_t  *current, *next;
> >> +    ngx_uint_t              i;
> >> +    ngx_quic_hkdf_t         seq[6];
> >> +    ngx_quic_keys_t        *keys;
> >> +    ngx_connection_t       *c;
> >> +    ngx_quic_ciphers_t      ciphers;
> >> +    ngx_quic_secrets_t     *current, *next;
> >> +    ngx_quic_connection_t  *qc;
> > 
> > Now this functions needs a log action.  Similarly, pto handlers need it as well.
> 
> Added a log action.
> 
> Slightly updated commit message to clarify rationale.
> 
> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1692891114 -14400
> #      Thu Aug 24 19:31:54 2023 +0400
> # Node ID f349e28c0cf06d69b148660e7ae01a4038384a43
> # Parent  44536076405cf79ebdd82a6a0ab27bb3aed86b04
> QUIC: posted generating TLS Key Update next keys.
> 
> Since at least f9fbeb4ee0de and apparently after 924882f42dea, which
> TLS Key Update support predates, queued data output is deferred to a
> posted push handler.  To address timing signals after these changes,
> generating next keys is made posted to run after the push handler,
> which may be posted while handling frames.

Discussed the commit log, made a few small changes.

> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> --- a/src/event/quic/ngx_event_quic.c
> +++ b/src/event/quic/ngx_event_quic.c
> @@ -283,6 +283,10 @@ ngx_quic_new_connection(ngx_connection_t
>      qc->path_validation.data = c;
>      qc->path_validation.handler = ngx_quic_path_handler;
>  
> +    qc->key_update.log = c->log;
> +    qc->key_update.data = c;
> +    qc->key_update.handler = ngx_quic_keys_update;
> +
>      qc->conf = conf;
>  
>      if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) {
> @@ -562,6 +566,10 @@ ngx_quic_close_connection(ngx_connection
>          ngx_delete_posted_event(&qc->push);
>      }
>  
> +    if (qc->key_update.posted) {
> +        ngx_delete_posted_event(&qc->key_update);
> +    }
> +
>      if (qc->close.timer_set) {
>          return;
>      }
> @@ -1055,7 +1063,9 @@ ngx_quic_handle_payload(ngx_connection_t
>          return rc;
>      }
>  
> -    return ngx_quic_keys_update(c, qc->keys);
> +    ngx_post_event(&qc->key_update, &ngx_posted_events);
> +
> +    return NGX_OK;
>  }
>  
>  
> diff --git a/src/event/quic/ngx_event_quic_connection.h b/src/event/quic/ngx_event_quic_connection.h
> --- a/src/event/quic/ngx_event_quic_connection.h
> +++ b/src/event/quic/ngx_event_quic_connection.h
> @@ -230,6 +230,8 @@ struct ngx_quic_connection_s {
>      ngx_event_t                       pto;
>      ngx_event_t                       close;
>      ngx_event_t                       path_validation;
> +    ngx_event_t                       key_update;
> +
>      ngx_msec_t                        last_cc;
>  
>      ngx_msec_t                        first_rtt;
> diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
> --- a/src/event/quic/ngx_event_quic_protection.c
> +++ b/src/event/quic/ngx_event_quic_protection.c
> @@ -700,23 +700,32 @@ ngx_quic_keys_switch(ngx_connection_t *c
>  }
>  
>  
> -ngx_int_t
> -ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys)
> +void
> +ngx_quic_keys_update(ngx_event_t *ev)
>  {
> -    ngx_uint_t           i;
> -    ngx_quic_hkdf_t      seq[6];
> -    ngx_quic_ciphers_t   ciphers;
> -    ngx_quic_secrets_t  *current, *next;
> +    ngx_uint_t              i;
> +    ngx_quic_hkdf_t         seq[6];
> +    ngx_quic_keys_t        *keys;
> +    ngx_connection_t       *c;
> +    ngx_quic_ciphers_t      ciphers;
> +    ngx_quic_secrets_t     *current, *next;
> +    ngx_quic_connection_t  *qc;
> +
> +    c = ev->data;
> +    qc = ngx_quic_get_connection(c);
> +    keys = qc->keys;
>  
>      current = &keys->secrets[ssl_encryption_application];
>      next = &keys->next_key;
>  
>      ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic key update");
>  
> +    c->log->action = "updating keys";
> +
>      if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application)
>          == NGX_ERROR)
>      {
> -        return NGX_ERROR;
> +        goto failed;
>      }
>  
>      next->client.secret.len = current->client.secret.len;
> @@ -744,11 +753,15 @@ ngx_quic_keys_update(ngx_connection_t *c
>  
>      for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
>          if (ngx_quic_hkdf_expand(&seq[i], ciphers.d, c->log) != NGX_OK) {
> -            return NGX_ERROR;
> +            goto failed;
>          }
>      }
>  
> -    return NGX_OK;
> +    return;
> +
> +failed:
> +
> +    ngx_quic_close_connection(c, NGX_ERROR);
>  }
>  
>  
> diff --git a/src/event/quic/ngx_event_quic_protection.h b/src/event/quic/ngx_event_quic_protection.h
> --- a/src/event/quic/ngx_event_quic_protection.h
> +++ b/src/event/quic/ngx_event_quic_protection.h
> @@ -99,7 +99,7 @@ ngx_uint_t ngx_quic_keys_available(ngx_q
>  void ngx_quic_keys_discard(ngx_quic_keys_t *keys,
>      enum ssl_encryption_level_t level);
>  void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys);
> -ngx_int_t ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys);
> +void ngx_quic_keys_update(ngx_event_t *ev);
>  ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res);
>  ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn);
>  void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn);
> diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
> --- a/src/event/quic/ngx_event_quic_ssl.c
> +++ b/src/event/quic/ngx_event_quic_ssl.c
> @@ -482,9 +482,7 @@ ngx_quic_crypto_input(ngx_connection_t *
>       * Generating next keys before a key update is received.
>       */
>  
> -    if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) {
> -        return NGX_ERROR;
> -    }
> +    ngx_post_event(&qc->key_update, &ngx_posted_events);
>  
>      /*
>       * RFC 9001, 4.9.2.  Discarding Handshake Keys
> 
> -- 
> Sergey Kandaurov

Looks ok

From pluknet at nginx.com  Fri Aug 25 12:46:46 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Fri, 25 Aug 2023 12:46:46 +0000
Subject: [nginx] Version bump.
Message-ID: <hg.933f37273282.1692967606.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/933f37273282
branches:  
changeset: 9151:933f37273282
user:      Sergey Kandaurov <pluknet at nginx.com>
date:      Fri Aug 25 16:39:14 2023 +0400
description:
Version bump.

diffstat:

 src/core/nginx.h |  4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diffs (14 lines):

diff -r 44536076405c -r 933f37273282 src/core/nginx.h
--- a/src/core/nginx.h	Tue Aug 15 20:03:04 2023 +0300
+++ b/src/core/nginx.h	Fri Aug 25 16:39:14 2023 +0400
@@ -9,8 +9,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1025002
-#define NGINX_VERSION      "1.25.2"
+#define nginx_version      1025003
+#define NGINX_VERSION      "1.25.3"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #ifdef NGX_BUILD

From pluknet at nginx.com  Fri Aug 25 12:46:49 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Fri, 25 Aug 2023 12:46:49 +0000
Subject: [nginx] QUIC: posted generating TLS Key Update next keys.
Message-ID: <hg.2880f60a80c3.1692967609.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/2880f60a80c3
branches:  
changeset: 9152:2880f60a80c3
user:      Sergey Kandaurov <pluknet at nginx.com>
date:      Fri Aug 25 13:51:38 2023 +0400
description:
QUIC: posted generating TLS Key Update next keys.

Since at least f9fbeb4ee0de and certainly after 924882f42dea, which
TLS Key Update support predates, queued data output is deferred to a
posted push handler.  To address timing signals after these changes,
generating next keys is now posted to run after the push handler.

diffstat:

 src/event/quic/ngx_event_quic.c            |  12 ++++++++++-
 src/event/quic/ngx_event_quic_connection.h |   2 +
 src/event/quic/ngx_event_quic_protection.c |  31 +++++++++++++++++++++--------
 src/event/quic/ngx_event_quic_protection.h |   2 +-
 src/event/quic/ngx_event_quic_ssl.c        |   4 +--
 5 files changed, 37 insertions(+), 14 deletions(-)

diffs (135 lines):

diff -r 933f37273282 -r 2880f60a80c3 src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c	Fri Aug 25 16:39:14 2023 +0400
+++ b/src/event/quic/ngx_event_quic.c	Fri Aug 25 13:51:38 2023 +0400
@@ -283,6 +283,10 @@ ngx_quic_new_connection(ngx_connection_t
     qc->path_validation.data = c;
     qc->path_validation.handler = ngx_quic_path_handler;
 
+    qc->key_update.log = c->log;
+    qc->key_update.data = c;
+    qc->key_update.handler = ngx_quic_keys_update;
+
     qc->conf = conf;
 
     if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) {
@@ -562,6 +566,10 @@ ngx_quic_close_connection(ngx_connection
         ngx_delete_posted_event(&qc->push);
     }
 
+    if (qc->key_update.posted) {
+        ngx_delete_posted_event(&qc->key_update);
+    }
+
     if (qc->close.timer_set) {
         return;
     }
@@ -1055,7 +1063,9 @@ ngx_quic_handle_payload(ngx_connection_t
         return rc;
     }
 
-    return ngx_quic_keys_update(c, qc->keys);
+    ngx_post_event(&qc->key_update, &ngx_posted_events);
+
+    return NGX_OK;
 }
 
 
diff -r 933f37273282 -r 2880f60a80c3 src/event/quic/ngx_event_quic_connection.h
--- a/src/event/quic/ngx_event_quic_connection.h	Fri Aug 25 16:39:14 2023 +0400
+++ b/src/event/quic/ngx_event_quic_connection.h	Fri Aug 25 13:51:38 2023 +0400
@@ -230,6 +230,8 @@ struct ngx_quic_connection_s {
     ngx_event_t                       pto;
     ngx_event_t                       close;
     ngx_event_t                       path_validation;
+    ngx_event_t                       key_update;
+
     ngx_msec_t                        last_cc;
 
     ngx_msec_t                        first_rtt;
diff -r 933f37273282 -r 2880f60a80c3 src/event/quic/ngx_event_quic_protection.c
--- a/src/event/quic/ngx_event_quic_protection.c	Fri Aug 25 16:39:14 2023 +0400
+++ b/src/event/quic/ngx_event_quic_protection.c	Fri Aug 25 13:51:38 2023 +0400
@@ -700,23 +700,32 @@ ngx_quic_keys_switch(ngx_connection_t *c
 }
 
 
-ngx_int_t
-ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys)
+void
+ngx_quic_keys_update(ngx_event_t *ev)
 {
-    ngx_uint_t           i;
-    ngx_quic_hkdf_t      seq[6];
-    ngx_quic_ciphers_t   ciphers;
-    ngx_quic_secrets_t  *current, *next;
+    ngx_uint_t              i;
+    ngx_quic_hkdf_t         seq[6];
+    ngx_quic_keys_t        *keys;
+    ngx_connection_t       *c;
+    ngx_quic_ciphers_t      ciphers;
+    ngx_quic_secrets_t     *current, *next;
+    ngx_quic_connection_t  *qc;
+
+    c = ev->data;
+    qc = ngx_quic_get_connection(c);
+    keys = qc->keys;
 
     current = &keys->secrets[ssl_encryption_application];
     next = &keys->next_key;
 
     ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic key update");
 
+    c->log->action = "updating keys";
+
     if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application)
         == NGX_ERROR)
     {
-        return NGX_ERROR;
+        goto failed;
     }
 
     next->client.secret.len = current->client.secret.len;
@@ -744,11 +753,15 @@ ngx_quic_keys_update(ngx_connection_t *c
 
     for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
         if (ngx_quic_hkdf_expand(&seq[i], ciphers.d, c->log) != NGX_OK) {
-            return NGX_ERROR;
+            goto failed;
         }
     }
 
-    return NGX_OK;
+    return;
+
+failed:
+
+    ngx_quic_close_connection(c, NGX_ERROR);
 }
 
 
diff -r 933f37273282 -r 2880f60a80c3 src/event/quic/ngx_event_quic_protection.h
--- a/src/event/quic/ngx_event_quic_protection.h	Fri Aug 25 16:39:14 2023 +0400
+++ b/src/event/quic/ngx_event_quic_protection.h	Fri Aug 25 13:51:38 2023 +0400
@@ -99,7 +99,7 @@ ngx_uint_t ngx_quic_keys_available(ngx_q
 void ngx_quic_keys_discard(ngx_quic_keys_t *keys,
     enum ssl_encryption_level_t level);
 void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys);
-ngx_int_t ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys);
+void ngx_quic_keys_update(ngx_event_t *ev);
 ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res);
 ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn);
 void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn);
diff -r 933f37273282 -r 2880f60a80c3 src/event/quic/ngx_event_quic_ssl.c
--- a/src/event/quic/ngx_event_quic_ssl.c	Fri Aug 25 16:39:14 2023 +0400
+++ b/src/event/quic/ngx_event_quic_ssl.c	Fri Aug 25 13:51:38 2023 +0400
@@ -482,9 +482,7 @@ ngx_quic_crypto_input(ngx_connection_t *
      * Generating next keys before a key update is received.
      */
 
-    if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) {
-        return NGX_ERROR;
-    }
+    ngx_post_event(&qc->key_update, &ngx_posted_events);
 
     /*
      * RFC 9001, 4.9.2.  Discarding Handshake Keys

From claireecf at gmail.com  Sat Aug 26 08:04:18 2023
From: claireecf at gmail.com (claire liu)
Date: Sat, 26 Aug 2023 03:04:18 -0500
Subject: Connection Migration Issue
Message-ID: <CAPWKkO_RU3jvgemTDgJTe-ZM3Sf4hykUPTtWre1esbjmJoi_2Q@mail.gmail.com>

Hello Development Team,

I'd like to inquire about the Connection Migration feature of QUIC in
nginx/1.25.2 mainline. While downloading a large file, I noticed the
connection was interrupted when I switched my internet connection. Is this
feature enabled by default, or do I need to manually activate it? If manual
activation is required, could you guide me on how to configure it?

Thank you for your assistance.

Best regards,
Claire
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20230826/c9b1c3f0/attachment.htm>

From jordanc.carter at outlook.com  Sat Aug 26 18:13:59 2023
From: jordanc.carter at outlook.com (J Carter)
Date: Sat, 26 Aug 2023 19:13:59 +0100
Subject: [PATCH] Added debug_random directive
In-Reply-To: <LO0P123MB63190031849B0A8B468A1B219E02A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>
References: <LO0P123MB63194D794B1808A023A7FC9C9E35A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>
 <LO0P123MB63193421DA656E482B9357FF9E38A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>
 <LO0P123MB63190031849B0A8B468A1B219E02A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>
Message-ID: <LO0P123MB6319D3E5B66D653CCAD529919EE2A@LO0P123MB6319.GBRP123.PROD.OUTLOOK.COM>

Hello,

Thanks for the review.

> On Mon, Jul 24, 2023 at 05:24:04AM +0100, J Carter wrote:
> 
> [..]
> 
> > # HG changeset patch
> > # User J Carter <jordanc.carter at outlook.com>
> > # Date 1690171706 -3600
> > #      Mon Jul 24 05:08:26 2023 +0100
> > # Node ID ea91b9aa69d8ce9dc9878209a83b7d538e6bc7e1
> > # Parent  77c1418916f7817a0d020f28d8a08f278a12fe43
> > Added debug_random directive
> 
> This line needs a prefix, for example:
> 
> Events: debug_random directive.
> 

Understood, fixed. 

> See "hg log" for common prefixes used in nginx commits.
> 
> > More bug fixes and style changes.
> > 
> > diff -r 77c1418916f7 -r ea91b9aa69d8 src/event/ngx_event.c
> > --- a/src/event/ngx_event.c	Thu Jun 08 14:58:01 2023 +0400
> > +++ b/src/event/ngx_event.c	Mon Jul 24 05:08:26 2023 +0100
> > @@ -30,6 +30,8 @@
> >  static char *ngx_event_use(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
> >  static char *ngx_event_debug_connection(ngx_conf_t *cf, ngx_command_t *cmd,
> >      void *conf);
> > +static char *ngx_event_debug_random(ngx_conf_t *cf, ngx_command_t *cmd,
> > +    void *conf);
> >  
> >  static void *ngx_event_core_create_conf(ngx_cycle_t *cycle);
> >  static char *ngx_event_core_init_conf(ngx_cycle_t *cycle, void *conf);
> > @@ -162,6 +164,13 @@
> >        0,
> >        NULL },
> >  
> > +      { ngx_string("debug_random"),
> > +      NGX_EVENT_CONF|NGX_CONF_TAKE1,
> > +      ngx_event_debug_random,
> > +      0,
> > +      0,
> > +      NULL },
> > +
> >        ngx_null_command
> >  };
> >  
> > @@ -496,6 +505,7 @@
> >      size_t               size, cl;
> >      ngx_shm_t            shm;
> >      ngx_time_t          *tp;
> > +    ngx_cidr_t          *cidr;
> >      ngx_core_conf_t     *ccf;
> >      ngx_event_conf_t    *ecf;
> >  
> > @@ -507,6 +517,33 @@
> >                        "using the \"%s\" event method", ecf->name);
> >      }
> >  
> > +    if (ecf->debug_connection.nelts == 0
> > +        && ecf->debug_scaled_pct > 0)
> > +    {
> > +        cidr = ngx_array_push(&ecf->debug_connection);
> > +        if (cidr == NULL) {
> > +            return NGX_ERROR;
> > +        }
> > +        /*0.0.0.0/0*/
> > +        ngx_memzero(cidr, sizeof(ngx_cidr_t));
> > +        cidr->family = AF_INET;
> > +
> > +#ifdef NGX_HAVE_INET6
> > +        cidr = ngx_array_push(&ecf->debug_connection);
> > +        if (cidr == NULL) {
> > +            return NGX_ERROR;
> > +        }
> > +        /*::/0*/
> > +        ngx_memzero(cidr, sizeof(ngx_cidr_t));
> > +        cidr->family = AF_INET6;
> > +#endif
> > +
> > +    } else if (ecf->debug_connection.nelts > 0
> > +               && ecf->debug_scaled_pct == 0)
> > +    {
> > +        ecf->debug_scaled_pct = NGX_MAX_INT32_VALUE;
> > +    }
> > +
> 
> Why do we need this code?  It looks to me like everything can be done in
> ngx_debug_accepted_connection().
> 

The previous attempt (further back in this thread) had this logic in 
ngx_debug_accepted_connection(), however I changed it to this style as it made
the logic of that function very messy, and introduced new special cases.

With this method, I am simply utilizing the standard mechanisms 
(same as a user would use, debug_connections) to add mark all IPV4/V6 
connections as candidates for selection.

In any case - the "else if" section must be done in this function. 

> >      ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module);
> >  
> >      ngx_timer_resolution = ccf->timer_resolution;
> > @@ -1254,6 +1291,55 @@
> >  }
> >  
> >  
> > +static char *
> > +ngx_event_debug_random(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
> > +{
> > +#if (NGX_DEBUG)
> > +    ngx_event_conf_t  *ecf = conf;
> > +
> > +    u_char               *c;
> > +    ngx_int_t             pct;
> > +    ngx_uint_t            len;
> > +    ngx_str_t            *value;
> > +
> > +    if (ecf->debug_scaled_pct != NGX_CONF_UNSET_UINT) {
> > +        return "is duplicate";
> > +    }
> > +
> > +    value = cf->args->elts;
> > +    c = value[1].data;
> > +    len = value[1].len;
> > +
> > +    if (c[len-1] != '%') {
> > +        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
> > +                               "%V missing '%%'",
> > +                               &value[1]);
> > +        return NGX_CONF_ERROR;
> > +    }
> > +
> > +    pct = ngx_atofp(c, len-1, 2);
> > +
> > +    if (pct == NGX_ERROR || pct == 0 || pct > 9999) {
> > +        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
> > +                               "%V is an invalid value",
> > +                               &value[1]);
> > +        return NGX_CONF_ERROR;
> > +    }
> > +
> > +    ecf->debug_scaled_pct = NGX_MAX_INT32_VALUE / 10000 * pct;
> 
> We already have a similar handler that parses percent argument, see              
> ngx_stream_split_clients().  Style-wise it's a good idea to follow the           
> style/naming of existing code. 
> 

Understood, I have updated the parsing logic to more closely match 
the style of split clients.

> Also, why not store 0-10000 value range in configuration and use
> ngx_random() % 10000 in runtime?
> 

By scaling this to INT_MAX range at configuration load time I avoid the 
overhead of division for every connection accept (and I can't see a 
disadvantage to doing this).

I notice in in ngx_http_split_clients (line 192) it appears to also do
prescaling for the ranges (to uint32 max in that case) and so it also
avoids division when comparing the ranges to hashed input at runtime. 

> > +#else
> > +
> > +    ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
> > +                       "\"debug_random\" is ignored, you need to rebuild "
> > +                       "nginx using --with-debug option to enable it");
> > +
> > +#endif
> > +
> > +    return NGX_CONF_OK;
> > +}
> > +
> > +
> >  static void *
> >  ngx_event_core_create_conf(ngx_cycle_t *cycle)
> >  {
> > @@ -1279,6 +1365,8 @@
> >          return NULL;
> >      }
> >  
> > +    ecf->debug_scaled_pct = NGX_CONF_UNSET_UINT;
> > +
> >  #endif
> >  
> >      return ecf;
> > @@ -1369,5 +1457,7 @@
> >      ngx_conf_init_value(ecf->accept_mutex, 0);
> >      ngx_conf_init_msec_value(ecf->accept_mutex_delay, 500);
> >  
> > +    ngx_conf_init_uint_value(ecf->debug_scaled_pct, 0);
> > +
> >      return NGX_CONF_OK;
> >  }
> > diff -r 77c1418916f7 -r ea91b9aa69d8 src/event/ngx_event.h
> > --- a/src/event/ngx_event.h	Thu Jun 08 14:58:01 2023 +0400
> > +++ b/src/event/ngx_event.h	Mon Jul 24 05:08:26 2023 +0100
> > @@ -438,6 +438,7 @@
> >      u_char       *name;
> >  
> >  #if (NGX_DEBUG)
> > +    ngx_uint_t    debug_scaled_pct;
> >      ngx_array_t   debug_connection;
> >  #endif
> >  } ngx_event_conf_t;
> > diff -r 77c1418916f7 -r ea91b9aa69d8 src/event/ngx_event_accept.c
> > --- a/src/event/ngx_event_accept.c	Thu Jun 08 14:58:01 2023 +0400
> > +++ b/src/event/ngx_event_accept.c	Mon Jul 24 05:08:26 2023 +0100
> > @@ -523,6 +523,7 @@
> >      struct sockaddr_in6  *sin6;
> >      ngx_uint_t            n;
> >  #endif
> > +    ngx_uint_t r = ngx_random();
> 
> Style: we do not initialize non-static local variables like that.
> Instead, a variable is initialized explicitly in the code after declaration.
>

Understood, fixed. 
 
> >  
> >      cidr = ecf->debug_connection.elts;
> >      for (i = 0; i < ecf->debug_connection.nelts; i++) {
> > @@ -548,6 +549,7 @@
> >  
> >  #if (NGX_HAVE_UNIX_DOMAIN)
> >          case AF_UNIX:
> > +            r = 0;
> >              break;
> >  #endif
> >  
> > @@ -561,7 +563,10 @@
> >              break;
> >          }
> >  
> > -        c->log->log_level = NGX_LOG_DEBUG_CONNECTION|NGX_LOG_DEBUG_ALL;
> > +        if (r <= ecf->debug_scaled_pct) {
> > +            c->log->log_level = NGX_LOG_DEBUG_CONNECTION|NGX_LOG_DEBUG_ALL;
> > +        }
> > +
> >          break;
> >  
> >      next:
> > 

I've added some additional style fixes & preprocess fixes
(missing #if(debug)s), and also updated the commit message all into one.


# HG changeset patch
# User J Carter <jordanc.carter at outlook.com>
# Date 1693056585 -3600
#      Sat Aug 26 14:29:45 2023 +0100
# Node ID 2f95db29f38476e76cdfc5e2d0a59a0c569b74f5
# Parent  77c1418916f7817a0d020f28d8a08f278a12fe43
Events: debug_random directive

This directive enforces for EITHER a percentage of total connections
OR a percentage of connections matched by debug_connection CIDRs
to have debug logging enabled.

This is not performed for AF_UNIX connections, previous
debug_connections handling still applies.

This directive is useful for debugging nginx when under high load
(production) - where logging all connections with debug error log is not
possible without disrupting traffic.

This directive takes a value between 0.00%-100.00% exclusive.

Example usage:

events {
     worker_connections  1024;
     #if uncommented, the percentage applies to connection from lo.
     #debug_connection    127.0.0.0/8;
     debug_random        1%;
}

diff -r 77c1418916f7 -r 2f95db29f384 src/event/ngx_event.c
--- a/src/event/ngx_event.c	Thu Jun 08 14:58:01 2023 +0400
+++ b/src/event/ngx_event.c	Sat Aug 26 14:29:45 2023 +0100
@@ -30,6 +30,8 @@
 static char *ngx_event_use(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
 static char *ngx_event_debug_connection(ngx_conf_t *cf, ngx_command_t *cmd,
     void *conf);
+static char *ngx_event_debug_random(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
 
 static void *ngx_event_core_create_conf(ngx_cycle_t *cycle);
 static char *ngx_event_core_init_conf(ngx_cycle_t *cycle, void *conf);
@@ -162,6 +164,13 @@
       0,
       NULL },
 
+      { ngx_string("debug_random"),
+      NGX_EVENT_CONF|NGX_CONF_TAKE1,
+      ngx_event_debug_random,
+      0,
+      0,
+      NULL },
+
       ngx_null_command
 };
 
@@ -498,6 +507,9 @@
     ngx_time_t          *tp;
     ngx_core_conf_t     *ccf;
     ngx_event_conf_t    *ecf;
+#if (NGX_DEBUG)
+    ngx_cidr_t          *cidr;
+#endif
 
     cf = ngx_get_conf(cycle->conf_ctx, ngx_events_module);
     ecf = (*cf)[ngx_event_core_module.ctx_index];
@@ -507,6 +519,35 @@
                       "using the \"%s\" event method", ecf->name);
     }
 
+#if (NGX_DEBUG)
+    if (ecf->debug_connection.nelts == 0
+        && ecf->debug_percent > 0)
+    {
+        cidr = ngx_array_push(&ecf->debug_connection);
+        if (cidr == NULL) {
+            return NGX_ERROR;
+        }
+        /*0.0.0.0/0*/
+        ngx_memzero(cidr, sizeof(ngx_cidr_t));
+        cidr->family = AF_INET;
+
+    #if (NGX_HAVE_INET6)
+        cidr = ngx_array_push(&ecf->debug_connection);
+        if (cidr == NULL) {
+            return NGX_ERROR;
+        }
+        /*::/0*/
+        ngx_memzero(cidr, sizeof(ngx_cidr_t));
+        cidr->family = AF_INET6;
+    #endif
+
+    } else if (ecf->debug_connection.nelts > 0
+               && ecf->debug_percent == 0)
+    {
+        ecf->debug_percent = NGX_MAX_INT32_VALUE;
+    }
+#endif
+
     ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module);
 
     ngx_timer_resolution = ccf->timer_resolution;
@@ -1254,6 +1295,53 @@
 }
 
 
+static char *
+ngx_event_debug_random(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+#if (NGX_DEBUG)
+    ngx_event_conf_t  *ecf = conf;
+
+    ngx_int_t             n;
+    ngx_str_t            *value;
+
+    if (ecf->debug_percent != NGX_CONF_UNSET_UINT) {
+        return "is duplicate";
+    }
+
+    value = cf->args->elts;
+
+    if (value[1].len == 0 || value[1].data[value[1].len -1] != '%') {
+        goto invalid;
+    }
+
+    n = ngx_atofp(value[1].data, value[1].len - 1, 2);
+
+    if (n == NGX_ERROR || n == 0 || n > 9999) {
+        goto invalid;
+    }
+
+    ecf->debug_percent = (ngx_uint_t)
+                         (n * (uint64_t) NGX_MAX_INT32_VALUE / 10000);
+
+    return NGX_CONF_OK;
+
+invalid:
+
+    ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                       "invalid percent value \"%V\"", &value[1]);
+
+#else
+
+    ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
+                       "\"debug_random\" is ignored, you need to rebuild "
+                       "nginx using --with-debug option to enable it");
+
+#endif
+
+    return NGX_CONF_ERROR;
+}
+
+
 static void *
 ngx_event_core_create_conf(ngx_cycle_t *cycle)
 {
@@ -1279,6 +1367,8 @@
         return NULL;
     }
 
+    ecf->debug_percent = NGX_CONF_UNSET_UINT;
+
 #endif
 
     return ecf;
@@ -1369,5 +1459,9 @@
     ngx_conf_init_value(ecf->accept_mutex, 0);
     ngx_conf_init_msec_value(ecf->accept_mutex_delay, 500);
 
+#if (NGX_DEBUG)
+    ngx_conf_init_uint_value(ecf->debug_percent, 0);
+#endif
+
     return NGX_CONF_OK;
 }
diff -r 77c1418916f7 -r 2f95db29f384 src/event/ngx_event.h
--- a/src/event/ngx_event.h	Thu Jun 08 14:58:01 2023 +0400
+++ b/src/event/ngx_event.h	Sat Aug 26 14:29:45 2023 +0100
@@ -438,6 +438,7 @@
     u_char       *name;
 
 #if (NGX_DEBUG)
+    ngx_uint_t    debug_percent;
     ngx_array_t   debug_connection;
 #endif
 } ngx_event_conf_t;
diff -r 77c1418916f7 -r 2f95db29f384 src/event/ngx_event_accept.c
--- a/src/event/ngx_event_accept.c	Thu Jun 08 14:58:01 2023 +0400
+++ b/src/event/ngx_event_accept.c	Sat Aug 26 14:29:45 2023 +0100
@@ -518,12 +518,14 @@
 {
     struct sockaddr_in   *sin;
     ngx_cidr_t           *cidr;
-    ngx_uint_t            i;
+    ngx_uint_t            i, r;
 #if (NGX_HAVE_INET6)
     struct sockaddr_in6  *sin6;
     ngx_uint_t            n;
 #endif
 
+    r = ngx_random();
+
     cidr = ecf->debug_connection.elts;
     for (i = 0; i < ecf->debug_connection.nelts; i++) {
         if (cidr[i].family != (ngx_uint_t) c->sockaddr->sa_family) {
@@ -548,6 +550,7 @@
 
 #if (NGX_HAVE_UNIX_DOMAIN)
         case AF_UNIX:
+            r = 0;
             break;
 #endif
 
@@ -561,7 +564,10 @@
             break;
         }
 
-        c->log->log_level = NGX_LOG_DEBUG_CONNECTION|NGX_LOG_DEBUG_ALL;
+        if (r <= ecf->debug_percent) {
+            c->log->log_level = NGX_LOG_DEBUG_CONNECTION|NGX_LOG_DEBUG_ALL;
+        }
+
         break;
 
     next:


-------------- next part --------------
A non-text attachment was scrubbed...
Name: hgexport
Type: application/octet-stream
Size: 6009 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20230826/67155e16/attachment.obj>

From arut at nginx.com  Mon Aug 28 12:30:42 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Mon, 28 Aug 2023 16:30:42 +0400
Subject: [PATCH 0 of 2] Limiting shutdown workers
Message-ID: <patchbomb.1693225842@arut-laptop>

The patchset adds "max_shutdown_workers" directive, which can optimize resource
consumption while reloading nginx configuration.

--
Roman Arutyunyan

From arut at nginx.com  Mon Aug 28 12:30:43 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Mon, 28 Aug 2023 16:30:43 +0400
Subject: [PATCH 1 of 2] Added functions for starting and signaling a single
 worker
In-Reply-To: <patchbomb.1693225842@arut-laptop>
References: <patchbomb.1693225842@arut-laptop>
Message-ID: <fdad00808cb485ab83e9.1693225843@arut-laptop>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1692694526 -14400
#      Tue Aug 22 12:55:26 2023 +0400
# Node ID fdad00808cb485ab83e919be59e9211ef06ac56a
# Parent  58afcd72446ff33811e773f1cabb7866a92a09a0
Added functions for starting and signaling a single worker.

The functions are ngx_start_worker_process() and ngx_signal_worker_process().
This change is a preparation for limiting the number of shutdown workers while
reloading nginx configuration.

diff --git a/src/os/unix/ngx_process_cycle.c b/src/os/unix/ngx_process_cycle.c
--- a/src/os/unix/ngx_process_cycle.c
+++ b/src/os/unix/ngx_process_cycle.c
@@ -13,10 +13,14 @@
 
 static void ngx_start_worker_processes(ngx_cycle_t *cycle, ngx_int_t n,
     ngx_int_t type);
+static void ngx_start_worker_process(ngx_cycle_t *cycle, ngx_int_t i,
+    ngx_int_t type);
 static void ngx_start_cache_manager_processes(ngx_cycle_t *cycle,
     ngx_uint_t respawn);
 static void ngx_pass_open_channel(ngx_cycle_t *cycle);
 static void ngx_signal_worker_processes(ngx_cycle_t *cycle, int signo);
+static void ngx_signal_worker_process(ngx_cycle_t *cycle, ngx_int_t i,
+    int signo);
 static ngx_uint_t ngx_reap_children(ngx_cycle_t *cycle);
 static void ngx_master_process_exit(ngx_cycle_t *cycle);
 static void ngx_worker_process_cycle(ngx_cycle_t *cycle, void *data);
@@ -340,12 +344,18 @@ ngx_start_worker_processes(ngx_cycle_t *
     ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "start worker processes");
 
     for (i = 0; i < n; i++) {
+        ngx_start_worker_process(cycle, i, type);
+    }
+}
 
-        ngx_spawn_process(cycle, ngx_worker_process_cycle,
-                          (void *) (intptr_t) i, "worker process", type);
 
-        ngx_pass_open_channel(cycle);
-    }
+static void
+ngx_start_worker_process(ngx_cycle_t *cycle, ngx_int_t i, ngx_int_t type)
+{
+    ngx_spawn_process(cycle, ngx_worker_process_cycle,
+                      (void *) (intptr_t) i, "worker process", type);
+
+    ngx_pass_open_channel(cycle);
 }
 
 
@@ -431,7 +441,17 @@ ngx_pass_open_channel(ngx_cycle_t *cycle
 static void
 ngx_signal_worker_processes(ngx_cycle_t *cycle, int signo)
 {
-    ngx_int_t      i;
+    ngx_int_t  i;
+
+    for (i = 0; i < ngx_last_process; i++) {
+        ngx_signal_worker_process(cycle, i, signo);
+    }
+}
+
+
+static void
+ngx_signal_worker_process(ngx_cycle_t *cycle, ngx_int_t i, int signo)
+{
     ngx_err_t      err;
     ngx_channel_t  ch;
 
@@ -466,66 +486,63 @@ ngx_signal_worker_processes(ngx_cycle_t 
     ch.fd = -1;
 
 
-    for (i = 0; i < ngx_last_process; i++) {
+    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                   "child: %i %P e:%d t:%d d:%d r:%d j:%d",
+                   i,
+                   ngx_processes[i].pid,
+                   ngx_processes[i].exiting,
+                   ngx_processes[i].exited,
+                   ngx_processes[i].detached,
+                   ngx_processes[i].respawn,
+                   ngx_processes[i].just_spawn);
 
-        ngx_log_debug7(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
-                       "child: %i %P e:%d t:%d d:%d r:%d j:%d",
-                       i,
-                       ngx_processes[i].pid,
-                       ngx_processes[i].exiting,
-                       ngx_processes[i].exited,
-                       ngx_processes[i].detached,
-                       ngx_processes[i].respawn,
-                       ngx_processes[i].just_spawn);
+    if (ngx_processes[i].detached || ngx_processes[i].pid == -1) {
+        return;
+    }
+
+    if (ngx_processes[i].just_spawn) {
+        ngx_processes[i].just_spawn = 0;
+        return;
+    }
+
+    if (ngx_processes[i].exiting
+        && signo == ngx_signal_value(NGX_SHUTDOWN_SIGNAL))
+    {
+        return;
+    }
 
-        if (ngx_processes[i].detached || ngx_processes[i].pid == -1) {
-            continue;
+    if (ch.command) {
+        if (ngx_write_channel(ngx_processes[i].channel[0],
+                              &ch, sizeof(ngx_channel_t), cycle->log)
+            == NGX_OK)
+        {
+            if (signo != ngx_signal_value(NGX_REOPEN_SIGNAL)) {
+                ngx_processes[i].exiting = 1;
+            }
+
+            return;
         }
+    }
 
-        if (ngx_processes[i].just_spawn) {
-            ngx_processes[i].just_spawn = 0;
-            continue;
-        }
+    ngx_log_debug2(NGX_LOG_DEBUG_CORE, cycle->log, 0,
+                   "kill (%P, %d)", ngx_processes[i].pid, signo);
 
-        if (ngx_processes[i].exiting
-            && signo == ngx_signal_value(NGX_SHUTDOWN_SIGNAL))
-        {
-            continue;
+    if (kill(ngx_processes[i].pid, signo) == -1) {
+        err = ngx_errno;
+        ngx_log_error(NGX_LOG_ALERT, cycle->log, err,
+                      "kill(%P, %d) failed", ngx_processes[i].pid, signo);
+
+        if (err == NGX_ESRCH) {
+            ngx_processes[i].exited = 1;
+            ngx_processes[i].exiting = 0;
+            ngx_reap = 1;
         }
 
-        if (ch.command) {
-            if (ngx_write_channel(ngx_processes[i].channel[0],
-                                  &ch, sizeof(ngx_channel_t), cycle->log)
-                == NGX_OK)
-            {
-                if (signo != ngx_signal_value(NGX_REOPEN_SIGNAL)) {
-                    ngx_processes[i].exiting = 1;
-                }
-
-                continue;
-            }
-        }
-
-        ngx_log_debug2(NGX_LOG_DEBUG_CORE, cycle->log, 0,
-                       "kill (%P, %d)", ngx_processes[i].pid, signo);
+        return;
+    }
 
-        if (kill(ngx_processes[i].pid, signo) == -1) {
-            err = ngx_errno;
-            ngx_log_error(NGX_LOG_ALERT, cycle->log, err,
-                          "kill(%P, %d) failed", ngx_processes[i].pid, signo);
-
-            if (err == NGX_ESRCH) {
-                ngx_processes[i].exited = 1;
-                ngx_processes[i].exiting = 0;
-                ngx_reap = 1;
-            }
-
-            continue;
-        }
-
-        if (signo != ngx_signal_value(NGX_REOPEN_SIGNAL)) {
-            ngx_processes[i].exiting = 1;
-        }
+    if (signo != ngx_signal_value(NGX_REOPEN_SIGNAL)) {
+        ngx_processes[i].exiting = 1;
     }
 }
 

From arut at nginx.com  Mon Aug 28 12:30:44 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Mon, 28 Aug 2023 16:30:44 +0400
Subject: [PATCH 2 of 2] Added "max_shutdown_workers" directive
In-Reply-To: <patchbomb.1693225842@arut-laptop>
References: <patchbomb.1693225842@arut-laptop>
Message-ID: <42c3166b675a6a7624bd.1693225844@arut-laptop>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1693218974 -14400
#      Mon Aug 28 14:36:14 2023 +0400
# Node ID 42c3166b675a6a7624bdf3d78c0d4685ce8172e3
# Parent  fdad00808cb485ab83e919be59e9211ef06ac56a
Added "max_shutdown_workers" directive.

The directive sets maximum number of workers in shutdown state while reloading
nginx configuration.  Upon reaching this value, workers restart is postponed
until shutdown workers start exiting.  This allows for lower peak resource
consumption at the cost of slower reconfiguration.

diff --git a/src/core/nginx.c b/src/core/nginx.c
--- a/src/core/nginx.c
+++ b/src/core/nginx.c
@@ -83,6 +83,13 @@ static ngx_command_t  ngx_core_commands[
       0,
       NULL },
 
+    { ngx_string("max_shutdown_workers"),
+      NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1,
+      ngx_conf_set_num_slot,
+      0,
+      offsetof(ngx_core_conf_t, max_shutdown_workers),
+      NULL },
+
     { ngx_string("debug_points"),
       NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1,
       ngx_conf_set_enum_slot,
@@ -1117,6 +1124,7 @@ ngx_core_module_create_conf(ngx_cycle_t 
     ccf->shutdown_timeout = NGX_CONF_UNSET_MSEC;
 
     ccf->worker_processes = NGX_CONF_UNSET;
+    ccf->max_shutdown_workers = NGX_CONF_UNSET;
     ccf->debug_points = NGX_CONF_UNSET;
 
     ccf->rlimit_nofile = NGX_CONF_UNSET;
@@ -1146,6 +1154,7 @@ ngx_core_module_init_conf(ngx_cycle_t *c
     ngx_conf_init_msec_value(ccf->shutdown_timeout, 0);
 
     ngx_conf_init_value(ccf->worker_processes, 1);
+    ngx_conf_init_value(ccf->max_shutdown_workers, 0);
     ngx_conf_init_value(ccf->debug_points, 0);
 
 #if (NGX_HAVE_CPU_AFFINITY)
diff --git a/src/core/ngx_cycle.h b/src/core/ngx_cycle.h
--- a/src/core/ngx_cycle.h
+++ b/src/core/ngx_cycle.h
@@ -94,6 +94,7 @@ typedef struct {
     ngx_msec_t                shutdown_timeout;
 
     ngx_int_t                 worker_processes;
+    ngx_int_t                 max_shutdown_workers;
     ngx_int_t                 debug_points;
 
     ngx_int_t                 rlimit_nofile;
diff --git a/src/os/unix/ngx_process.c b/src/os/unix/ngx_process.c
--- a/src/os/unix/ngx_process.c
+++ b/src/os/unix/ngx_process.c
@@ -216,6 +216,7 @@ ngx_spawn_process(ngx_cycle_t *cycle, ng
     ngx_processes[s].data = data;
     ngx_processes[s].name = name;
     ngx_processes[s].exiting = 0;
+    ngx_processes[s].old = 0;
 
     switch (respawn) {
 
diff --git a/src/os/unix/ngx_process.h b/src/os/unix/ngx_process.h
--- a/src/os/unix/ngx_process.h
+++ b/src/os/unix/ngx_process.h
@@ -33,6 +33,7 @@ typedef struct {
     unsigned            detached:1;
     unsigned            exiting:1;
     unsigned            exited:1;
+    unsigned            old:1;
 } ngx_process_t;
 
 
diff --git a/src/os/unix/ngx_process_cycle.c b/src/os/unix/ngx_process_cycle.c
--- a/src/os/unix/ngx_process_cycle.c
+++ b/src/os/unix/ngx_process_cycle.c
@@ -15,6 +15,7 @@ static void ngx_start_worker_processes(n
     ngx_int_t type);
 static void ngx_start_worker_process(ngx_cycle_t *cycle, ngx_int_t i,
     ngx_int_t type);
+static void ngx_restart_worker_processes(ngx_cycle_t *cycle);
 static void ngx_start_cache_manager_processes(ngx_cycle_t *cycle,
     ngx_uint_t respawn);
 static void ngx_pass_open_channel(ngx_cycle_t *cycle);
@@ -22,6 +23,7 @@ static void ngx_signal_worker_processes(
 static void ngx_signal_worker_process(ngx_cycle_t *cycle, ngx_int_t i,
     int signo);
 static ngx_uint_t ngx_reap_children(ngx_cycle_t *cycle);
+static ngx_uint_t ngx_restart_worker_process(ngx_cycle_t *cycle);
 static void ngx_master_process_exit(ngx_cycle_t *cycle);
 static void ngx_worker_process_cycle(ngx_cycle_t *cycle, void *data);
 static void ngx_worker_process_init(ngx_cycle_t *cycle, ngx_int_t worker);
@@ -235,8 +237,8 @@ ngx_master_process_cycle(ngx_cycle_t *cy
             ngx_cycle = cycle;
             ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx,
                                                    ngx_core_module);
-            ngx_start_worker_processes(cycle, ccf->worker_processes,
-                                       NGX_PROCESS_JUST_RESPAWN);
+            ngx_restart_worker_processes(cycle);
+
             ngx_start_cache_manager_processes(cycle, 1);
 
             /* allow new processes to start */
@@ -360,6 +362,70 @@ ngx_start_worker_process(ngx_cycle_t *cy
 
 
 static void
+ngx_restart_worker_processes(ngx_cycle_t *cycle)
+{
+    ngx_int_t         i, n, m, worker;
+    ngx_core_conf_t  *ccf;
+
+    ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module);
+
+    n = 0;
+    m = ccf->max_shutdown_workers;
+
+    if (m == 0) {
+        goto start;
+    }
+
+    for (i = 0; i < ngx_last_process; i++) {
+
+        if (ngx_processes[i].pid == -1
+            || ngx_processes[i].proc != ngx_worker_process_cycle)
+        {
+            continue;
+        }
+
+        ngx_processes[i].old = 0;
+        worker = (intptr_t) ngx_processes[i].data;
+
+        if (!ngx_processes[i].exiting && worker < ccf->worker_processes) {
+            n++;
+
+        } else if (m > 0) {
+            m--;
+        }
+    }
+
+    n = (n > m) ? n - m : 0;
+
+    if (n == 0) {
+        goto start;
+    }
+
+    for (i = 0; i < ngx_last_process; i++) {
+
+        if (ngx_processes[i].pid == -1
+            || ngx_processes[i].proc != ngx_worker_process_cycle)
+        {
+            continue;
+        }
+
+        ngx_processes[i].old = 1;
+        worker = (intptr_t) ngx_processes[i].data;
+
+        if (!ngx_processes[i].exiting && worker < n) {
+            ngx_processes[i].just_spawn = 1;
+        }
+    }
+
+start:
+
+    for (i = n; i < ccf->worker_processes; i++) {
+        ngx_start_worker_process(cycle, i, NGX_PROCESS_JUST_RESPAWN);
+    }
+}
+
+
+static void
 ngx_start_cache_manager_processes(ngx_cycle_t *cycle, ngx_uint_t respawn)
 {
     ngx_uint_t    i, manager, loader;
@@ -486,15 +552,16 @@ ngx_signal_worker_process(ngx_cycle_t *c
     ch.fd = -1;
 
 
-    ngx_log_debug7(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
-                   "child: %i %P e:%d t:%d d:%d r:%d j:%d",
+    ngx_log_debug8(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                   "child: %i %P e:%d t:%d d:%d r:%d j:%d o:%d",
                    i,
                    ngx_processes[i].pid,
                    ngx_processes[i].exiting,
                    ngx_processes[i].exited,
                    ngx_processes[i].detached,
                    ngx_processes[i].respawn,
-                   ngx_processes[i].just_spawn);
+                   ngx_processes[i].just_spawn,
+                   ngx_processes[i].old);
 
     if (ngx_processes[i].detached || ngx_processes[i].pid == -1) {
         return;
@@ -563,15 +630,16 @@ ngx_reap_children(ngx_cycle_t *cycle)
     live = 0;
     for (i = 0; i < ngx_last_process; i++) {
 
-        ngx_log_debug7(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
-                       "child: %i %P e:%d t:%d d:%d r:%d j:%d",
+        ngx_log_debug8(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                       "child: %i %P e:%d t:%d d:%d r:%d j:%d o:%d",
                        i,
                        ngx_processes[i].pid,
                        ngx_processes[i].exiting,
                        ngx_processes[i].exited,
                        ngx_processes[i].detached,
                        ngx_processes[i].respawn,
-                       ngx_processes[i].just_spawn);
+                       ngx_processes[i].just_spawn,
+                       ngx_processes[i].old);
 
         if (ngx_processes[i].pid == -1) {
             continue;
@@ -660,6 +728,16 @@ ngx_reap_children(ngx_cycle_t *cycle)
                 ngx_processes[i].pid = -1;
             }
 
+            if (ngx_processes[i].old
+                && ngx_processes[i].exiting
+                && !ngx_terminate
+                && !ngx_quit)
+            {
+                if (ngx_restart_worker_process(cycle)) {
+                    live = 1;
+                }
+            }
+
         } else if (ngx_processes[i].exiting || !ngx_processes[i].detached) {
             live = 1;
         }
@@ -669,6 +747,53 @@ ngx_reap_children(ngx_cycle_t *cycle)
 }
 
 
+static ngx_uint_t
+ngx_restart_worker_process(ngx_cycle_t *cycle)
+{
+    ngx_int_t         i, j, m;
+    ngx_core_conf_t  *ccf;
+
+    ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module);
+
+    j = -1;
+    m = ccf->max_shutdown_workers;
+
+    if (m == 0) {
+        return 0;
+    }
+
+    for (i = 0; i < ngx_last_process; i++) {
+
+        if (ngx_processes[i].pid == -1 || !ngx_processes[i].old) {
+            continue;
+        }
+
+        if (!ngx_processes[i].exiting && !ngx_processes[i].exited) {
+            j = i;
+            continue;
+        }
+
+        if (--m == 0) {
+            return 0;
+        }
+    }
+
+    if (j == -1) {
+        return 0;
+    }
+
+    ngx_start_worker_process(cycle, (intptr_t) ngx_processes[j].data,
+                             NGX_PROCESS_RESPAWN);
+
+    ngx_msleep(100);
+
+    ngx_signal_worker_process(cycle, j,
+                              ngx_signal_value(NGX_SHUTDOWN_SIGNAL));
+
+    return 1;
+}
+
+
 static void
 ngx_master_process_exit(ngx_cycle_t *cycle)
 {

From arut at nginx.com  Tue Aug 29 07:19:19 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Tue, 29 Aug 2023 11:19:19 +0400
Subject: [PATCH] QUIC: use client dcid rather than odcid to receive packets
Message-ID: <7f451ca6f449958011e2.1693293559@arut-laptop>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1693292146 -14400
#      Tue Aug 29 10:55:46 2023 +0400
# Node ID 7f451ca6f449958011e29aee5231e70be4992374
# Parent  58afcd72446ff33811e773f1cabb7866a92a09a0
QUIC: use client dcid rather than odcid to receive packets.

Previously, odcid was used to receive initial client packets in case server
initial response was lost.  However, dcid should be used instead.  These two
are the same unless retry is used.  In case of retry, client resends initial
packets with the retry dcid.  If server response is lost, the client resends
this packet again with the same retry dcid, but not odcid.  This is shown in
RFC 9000, 7.3. Authenticating Connection IDs, Figure 8.

The issue manifested itself with creating multiple server sessions in response
to each post-retry client initial packet, if server response is lost.

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -1100,7 +1100,7 @@ ngx_quic_discard_ctx(ngx_connection_t *c
     }
 
     if (level == ssl_encryption_initial) {
-        /* close temporary listener with odcid */
+        /* close temporary listener with initial dcid */
         qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN);
         if (qsock) {
             ngx_quic_close_socket(c, qsock);
diff --git a/src/event/quic/ngx_event_quic_socket.c b/src/event/quic/ngx_event_quic_socket.c
--- a/src/event/quic/ngx_event_quic_socket.c
+++ b/src/event/quic/ngx_event_quic_socket.c
@@ -93,8 +93,8 @@ ngx_quic_open_sockets(ngx_connection_t *
 
     tmp->sid.seqnum = NGX_QUIC_UNSET_PN; /* temporary socket */
 
-    ngx_memcpy(tmp->sid.id, pkt->odcid.data, pkt->odcid.len);
-    tmp->sid.len = pkt->odcid.len;
+    ngx_memcpy(tmp->sid.id, pkt->dcid.data, pkt->dcid.len);
+    tmp->sid.len = pkt->dcid.len;
 
     if (ngx_quic_listen(c, qc, tmp) != NGX_OK) {
         goto failed;

From osa at FreeBSD.org.ru  Tue Aug 29 15:28:09 2023
From: osa at FreeBSD.org.ru (=?iso-8859-1?q?Sergey_A=2E_Osokin?=)
Date: Tue, 29 Aug 2023 18:28:09 +0300
Subject: [PATCH] Provided more details about ssl_protocol directive usage by
Message-ID: <e3b7490c492c7865baf9.1693322889@mp2.macomnet.net>

# HG changeset patch
# User Sergey A. Osokin <osa at FreeBSD.org.ru>
# Date 1693322780 -10800
#      Tue Aug 29 18:26:20 2023 +0300
# Node ID e3b7490c492c7865baf950e20f0430cf035b6cf3
# Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
Provided more details about ssl_protocol directive usage by
adding link to the "Server names" document.

diff -r 4e25281328fa -r e3b7490c492c xml/en/docs/http/ngx_http_ssl_module.xml
--- a/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 18:26:20 2023 +0300
@@ -10,7 +10,7 @@
 <module name="Module ngx_http_ssl_module"
         link="/en/docs/http/ngx_http_ssl_module.html"
         lang="en"
-        rev="61">
+        rev="62">
 
 <section id="summary">
 
@@ -616,6 +616,12 @@
 </note>
 </para>
 
+<para>
+The directive usage details with virtual servers are provided in the
+“<link doc="server_names.xml" id="virtual_server_selection">Virtual
+server selection</link>” section.
+</para>
+
 </directive>
 
 

From mdounin at mdounin.ru  Tue Aug 29 16:03:12 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 29 Aug 2023 19:03:12 +0300
Subject: [PATCH] Provided more details about ssl_protocol directive usage
 by
In-Reply-To: <e3b7490c492c7865baf9.1693322889@mp2.macomnet.net>
References: <e3b7490c492c7865baf9.1693322889@mp2.macomnet.net>
Message-ID: <ZO4WwAnuhL1qExu6@mdounin.ru>

Hello!

On Tue, Aug 29, 2023 at 06:28:09PM +0300, Sergey A. Osokin wrote:

> # HG changeset patch
> # User Sergey A. Osokin <osa at FreeBSD.org.ru>
> # Date 1693322780 -10800
> #      Tue Aug 29 18:26:20 2023 +0300
> # Node ID e3b7490c492c7865baf950e20f0430cf035b6cf3
> # Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
> Provided more details about ssl_protocol directive usage by
> adding link to the "Server names" document.

Please follow style as outlined at 
http://nginx.org/en/docs/contributing_changes.html:

: The commit message should have a single-line synopsis followed 
: by verbose description after an empty line. It is desirable that 
: the first line is no longer than 67 symbols.

> 
> diff -r 4e25281328fa -r e3b7490c492c xml/en/docs/http/ngx_http_ssl_module.xml
> --- a/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
> +++ b/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 18:26:20 2023 +0300
> @@ -10,7 +10,7 @@
>  <module name="Module ngx_http_ssl_module"
>          link="/en/docs/http/ngx_http_ssl_module.html"
>          lang="en"
> -        rev="61">
> +        rev="62">
>  
>  <section id="summary">
>  
> @@ -616,6 +616,12 @@
>  </note>
>  </para>
>  
> +<para>
> +The directive usage details with virtual servers are provided in the
> +“<link doc="server_names.xml" id="virtual_server_selection">Virtual
> +server selection</link>” section.
> +</para>
> +
>  </directive>

I would rather follow generic form of the reference, such as in 
http://nginx.org/r/merge_slashes and other directives mentioned in 
the section.  Probably with some additional clarification, such as 
"will be used" instead of "can be used".

In particular, this will make translation trivial (which is also 
desired for Russian language, which we used to maintain in the 
up-to-date state).

Also, this probably should be before notes, which apply to the 
whole directive description and not the particular paragraph.

-- 
Maxim Dounin
http://mdounin.ru/

From osa at freebsd.org.ru  Tue Aug 29 17:54:46 2023
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Tue, 29 Aug 2023 20:54:46 +0300
Subject: [PATCH] Provided more details about ssl_protocol directive usage
 by
In-Reply-To: <ZO4WwAnuhL1qExu6@mdounin.ru>
References: <e3b7490c492c7865baf9.1693322889@mp2.macomnet.net>
 <ZO4WwAnuhL1qExu6@mdounin.ru>
Message-ID: <ZO4w5vdtmkYdDC21@FreeBSD.org.ru>

Hi Maxim,

thanks for the review.

On Tue, Aug 29, 2023 at 07:03:12PM +0300, Maxim Dounin wrote:
> On Tue, Aug 29, 2023 at 06:28:09PM +0300, Sergey A. Osokin wrote:
> 
> > # HG changeset patch
> > # User Sergey A. Osokin <osa at FreeBSD.org.ru>
> > # Date 1693322780 -10800
> > #      Tue Aug 29 18:26:20 2023 +0300
> > # Node ID e3b7490c492c7865baf950e20f0430cf035b6cf3
> > # Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
> > Provided more details about ssl_protocol directive usage by
> > adding link to the "Server names" document.
> 
> Please follow style as outlined at 
> http://nginx.org/en/docs/contributing_changes.html:

Updated.

[...]

> > +<para>
> > +The directive usage details with virtual servers are provided in the
> > +“<link doc="server_names.xml" id="virtual_server_selection">Virtual
> > +server selection</link>” section.
> > +</para>
> > +
> >  </directive>
> 
> I would rather follow generic form of the reference, such as in 
> http://nginx.org/r/merge_slashes and other directives mentioned in 
> the section.  Probably with some additional clarification, such as 
> "will be used" instead of "can be used".
> 
> In particular, this will make translation trivial (which is also 
> desired for Russian language, which we used to maintain in the 
> up-to-date state).
> 
> Also, this probably should be before notes, which apply to the 
> whole directive description and not the particular paragraph.

Sure, here's the updated version.

# HG changeset patch
# User Sergey A. Osokin <osa at FreeBSD.org.ru>
# Date 1693331420 -10800
#      Tue Aug 29 20:50:20 2023 +0300
# Node ID ccc0bacc1869bebae054020c6856d045b2a11b85
# Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
Updated ngx_http_ssl_module module documentation.

Provided details about ssl_protocol directive usage by
adding link to the "Server names" document.

diff -r 4e25281328fa -r ccc0bacc1869 xml/en/docs/http/ngx_http_ssl_module.xml
--- a/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 20:50:20 2023 +0300
@@ -10,7 +10,7 @@
 <module name="Module ngx_http_ssl_module"
         link="/en/docs/http/ngx_http_ssl_module.html"
         lang="en"
-        rev="61">
+        rev="62">
 
 <section id="summary">
 
@@ -602,6 +602,15 @@
 
 <para>
 Enables the specified protocols.
+
+<para>
+If the directive is specified on the <link id="server"/> level,
+the value from the default will be used.
+Defails are provided in the
+“<link doc="server_names.xml" id="virtual_server_selection">Virtual
+server selection</link>” section.
+</para>
+
 <note>
 The <literal>TLSv1.1</literal> and <literal>TLSv1.2</literal> parameters
 (1.1.13, 1.0.12) work only when OpenSSL 1.0.1 or higher is used.
diff -r 4e25281328fa -r ccc0bacc1869 xml/ru/docs/http/ngx_http_ssl_module.xml
--- a/xml/ru/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/ru/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 20:50:20 2023 +0300
@@ -10,7 +10,7 @@
 <module name="Модуль ngx_http_ssl_module"
         link="/ru/docs/http/ngx_http_ssl_module.html"
         lang="ru"
-        rev="61">
+        rev="62">
 
 <section id="summary">
 
@@ -607,6 +607,15 @@
 
 <para>
 Разрешает указанные протоколы.
+
+<para>
+Если директива указана на уровне <link id="server"/>,
+то будет использоваться значение из сервера по умолчанию.
+Подробнее см. в разделе
+“<link doc="server_names.xml" id="virtual_server_selection">Выбор
+виртуального сервера</link>”.
+</para>
+
 <note>
 Параметры <literal>TLSv1.1</literal> и <literal>TLSv1.2</literal>
 (1.1.13, 1.0.12) работают только при использовании OpenSSL 1.0.1 и выше.


--
Sergey A. Osokin

From pluknet at nginx.com  Tue Aug 29 17:56:22 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Tue, 29 Aug 2023 21:56:22 +0400
Subject: [PATCH] QUIC: use client dcid rather than odcid to receive packets
In-Reply-To: <7f451ca6f449958011e2.1693293559@arut-laptop>
References: <7f451ca6f449958011e2.1693293559@arut-laptop>
Message-ID: <282507AC-EAF5-402B-8428-47390BEBD0EE@nginx.com>


> On 29 Aug 2023, at 11:19, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1693292146 -14400
> #      Tue Aug 29 10:55:46 2023 +0400
> # Node ID 7f451ca6f449958011e29aee5231e70be4992374
> # Parent  58afcd72446ff33811e773f1cabb7866a92a09a0
> QUIC: use client dcid rather than odcid to receive packets.

QUIC: using client dcid to receive initial packets.

?

> 
> Previously, odcid was used to receive initial client packets in case server
> initial response was lost.  However, dcid should be used instead.  These two

It takes time to recall meaning of these acronyms, I would expand
them in the commit log as initial dcid and client dcid for clarity.

Previously, initial dcid was used ..

> are the same unless retry is used.  In case of retry, client resends initial
> packets with the retry dcid.  If server response is lost, the client resends
> this packet again with the same retry dcid, but not odcid.  This is shown in
> RFC 9000, 7.3. Authenticating Connection IDs, Figure 8.
> 
> The issue manifested itself with creating multiple server sessions in response
> to each post-retry client initial packet, if server response is lost.

My archeologist analysis refers to dffb66fb783b, where it seemingly
was broken.  Before stateless retry support, retry id was inserted
as part of sending Retry packet, this part was lost in transit.

> 
> diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> --- a/src/event/quic/ngx_event_quic.c
> +++ b/src/event/quic/ngx_event_quic.c
> @@ -1100,7 +1100,7 @@ ngx_quic_discard_ctx(ngx_connection_t *c
>     }
> 
>     if (level == ssl_encryption_initial) {
> -        /* close temporary listener with odcid */
> +        /* close temporary listener with initial dcid */
>         qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN);
>         if (qsock) {
>             ngx_quic_close_socket(c, qsock);
> diff --git a/src/event/quic/ngx_event_quic_socket.c b/src/event/quic/ngx_event_quic_socket.c
> --- a/src/event/quic/ngx_event_quic_socket.c
> +++ b/src/event/quic/ngx_event_quic_socket.c
> @@ -93,8 +93,8 @@ ngx_quic_open_sockets(ngx_connection_t *
> 
>     tmp->sid.seqnum = NGX_QUIC_UNSET_PN; /* temporary socket */
> 
> -    ngx_memcpy(tmp->sid.id, pkt->odcid.data, pkt->odcid.len);
> -    tmp->sid.len = pkt->odcid.len;
> +    ngx_memcpy(tmp->sid.id, pkt->dcid.data, pkt->dcid.len);
> +    tmp->sid.len = pkt->dcid.len;
> 
>     if (ngx_quic_listen(c, qc, tmp) != NGX_OK) {
>         goto failed;

The change looks good.

For convenience, it's caught with the following test.
(Also couple of test bugs fixed:
- stop regenerating private key on retry, so secrets match
- ClientHello is built once to avoid breaking digest).

diff --git a/lib/Test/Nginx/HTTP3.pm b/lib/Test/Nginx/HTTP3.pm
--- a/lib/Test/Nginx/HTTP3.pm
+++ b/lib/Test/Nginx/HTTP3.pm
@@ -59,6 +59,7 @@ sub new {
 	$self->{buf} = '';
 
 	$self->init();
+	$self->init_key_schedule();
 	$self->retry(%extra) or return;
 
 	return $self;
@@ -100,7 +101,6 @@ sub retry {
 	$self->set_traffic_keys('tls13 client in', 'SHA256', 32, 0, 'w', $prk);
 	$self->set_traffic_keys('tls13 server in', 'SHA256', 32, 0, 'r', $prk);
 
-	$self->init_key_schedule();
 	$self->initial();
 	return $self if $extra{probe};
 	$self->handshake() or return;
@@ -134,7 +134,8 @@ sub init_key_schedule {
 
 sub initial {
 	my ($self) = @_;
-	$self->{tlsm}{ch} = $self->build_tls_client_hello();
+	$self->{tlsm}{ch} = $self->build_tls_client_hello()
+		if length($self->{tlsm}{ch}) == 0;
 	my $ch = $self->{tlsm}{ch};
 	my $crypto = build_crypto($ch);
 	my $padding = 1200 - length($crypto);
diff --git a/quic_retry.t b/quic_retry.t
--- a/quic_retry.t
+++ b/quic_retry.t
@@ -24,7 +24,7 @@ select STDERR; $| = 1;
 select STDOUT; $| = 1;
 
 my $t = Test::Nginx->new()->has(qw/http http_v3 cryptx/)
-	->has_daemon('openssl')->plan(7)
+	->has_daemon('openssl')->plan(8)
 	->write_file_expand('nginx.conf', <<'EOF');
 
 %%TEST_GLOBALS%%
@@ -41,6 +41,8 @@ http {
     ssl_certificate localhost.crt;
     quic_retry on;
 
+    keepalive_timeout 3s;
+
     server {
         listen       127.0.0.1:%%PORT_8980_UDP%% quic;
         server_name  localhost;
@@ -120,4 +122,41 @@ is($frame->{error}, 11, 'retry token dec
 
 }
 
+# dup'ed Initial to simulate packet loss, was used to create extra nginx
+# connections, caught due to CRYPTO mismatch in server's Initial packets
+
+TODO: {
+local $TODO = 'not yet';
+
+$s = new_dup_initial();
+$sid = $s->new_stream();
+
+eval {
+	# would die with "bad inner" CRYPTO insert error
+is($frame->{headers}->{':status'}, 403, 'duplicate initial');
+
+}
+
 ###############################################################################
+
+# expanded handshake version to send repetitive Initial packets
+
+sub new_dup_initial {
+	$s = Test::Nginx::HTTP3->new(8980, probe => 1);
+	$s->{socket}->sysread($s->{buf}, 65527);
+	# read token and updated connection IDs
+	(undef, undef, $s->{token}) = $s->decrypt_retry($s->{buf});
+	# apply connection IDs for new Initial secrets
+	$s->retry(probe => 1);
+	# send the second Initial packet
+	$s->initial();
+	# the rest of handshake, advancing key schedule
+	$s->handshake();
+	return $s;
+}
+
+###############################################################################

-- 
Sergey Kandaurov

From mdounin at mdounin.ru  Tue Aug 29 18:21:54 2023
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 29 Aug 2023 21:21:54 +0300
Subject: [PATCH] Provided more details about ssl_protocol directive usage
 by
In-Reply-To: <ZO4w5vdtmkYdDC21@FreeBSD.org.ru>
References: <e3b7490c492c7865baf9.1693322889@mp2.macomnet.net>
 <ZO4WwAnuhL1qExu6@mdounin.ru> <ZO4w5vdtmkYdDC21@FreeBSD.org.ru>
Message-ID: <ZO43QoeIsxviZW0o@mdounin.ru>

Hello!

On Tue, Aug 29, 2023 at 08:54:46PM +0300, Sergey A. Osokin wrote:

> Hi Maxim,
> 
> thanks for the review.
> 
> On Tue, Aug 29, 2023 at 07:03:12PM +0300, Maxim Dounin wrote:
> > On Tue, Aug 29, 2023 at 06:28:09PM +0300, Sergey A. Osokin wrote:
> > 
> > > # HG changeset patch
> > > # User Sergey A. Osokin <osa at FreeBSD.org.ru>
> > > # Date 1693322780 -10800
> > > #      Tue Aug 29 18:26:20 2023 +0300
> > > # Node ID e3b7490c492c7865baf950e20f0430cf035b6cf3
> > > # Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
> > > Provided more details about ssl_protocol directive usage by
> > > adding link to the "Server names" document.
> > 
> > Please follow style as outlined at 
> > http://nginx.org/en/docs/contributing_changes.html:
> 
> Updated.
> 
> [...]
> 
> > > +<para>
> > > +The directive usage details with virtual servers are provided in the
> > > +“<link doc="server_names.xml" id="virtual_server_selection">Virtual
> > > +server selection</link>” section.
> > > +</para>
> > > +
> > >  </directive>
> > 
> > I would rather follow generic form of the reference, such as in 
> > http://nginx.org/r/merge_slashes and other directives mentioned in 
> > the section.  Probably with some additional clarification, such as 
> > "will be used" instead of "can be used".
> > 
> > In particular, this will make translation trivial (which is also 
> > desired for Russian language, which we used to maintain in the 
> > up-to-date state).
> > 
> > Also, this probably should be before notes, which apply to the 
> > whole directive description and not the particular paragraph.
> 
> Sure, here's the updated version.
> 
> # HG changeset patch
> # User Sergey A. Osokin <osa at FreeBSD.org.ru>
> # Date 1693331420 -10800
> #      Tue Aug 29 20:50:20 2023 +0300
> # Node ID ccc0bacc1869bebae054020c6856d045b2a11b85
> # Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
> Updated ngx_http_ssl_module module documentation.
> 
> Provided details about ssl_protocol directive usage by
> adding link to the "Server names" document.
> 
> diff -r 4e25281328fa -r ccc0bacc1869 xml/en/docs/http/ngx_http_ssl_module.xml
> --- a/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
> +++ b/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 20:50:20 2023 +0300
> @@ -10,7 +10,7 @@
>  <module name="Module ngx_http_ssl_module"
>          link="/en/docs/http/ngx_http_ssl_module.html"
>          lang="en"
> -        rev="61">
> +        rev="62">
>  
>  <section id="summary">
>  
> @@ -602,6 +602,15 @@
>  
>  <para>
>  Enables the specified protocols.
> +
> +<para>

$ make
...
xmllint --noout --valid  xml/en/docs/http/ngx_http_ssl_module.xml
xml/en/docs/http/ngx_http_ssl_module.xml:626: element para: 
validity error : Element para is not declared in para list of 
possible children
</para>
       ^
gmake[1]: *** [GNUmakefile:164: 
libxslt/en/docs/http/ngx_http_ssl_module.html] Error 4


In this particular case, appropriate solution would be to close 
the paragraph, and put notes into their own paragraph.

> +If the directive is specified on the <link id="server"/> level,
> +the value from the default will be used.

s/the default/the default server/

Also, reading it again I tend to think that "will be used" might 
be misleading.  It might be good to adjust this somehow to make it 
clear that ssl_protocols works if used in the default server, but 
will use the configuration from the default server if used in a 
name-based virtual server.  Not sure how though.

Alternatively, just using "can be used" as in other directives 
might be good enough.

> +Defails are provided in the

s/Defails/Details/

> +“<link doc="server_names.xml" id="virtual_server_selection">Virtual
> +server selection</link>” section.
> +</para>
> +
>  <note>
>  The <literal>TLSv1.1</literal> and <literal>TLSv1.2</literal> parameters
>  (1.1.13, 1.0.12) work only when OpenSSL 1.0.1 or higher is used.
> diff -r 4e25281328fa -r ccc0bacc1869 xml/ru/docs/http/ngx_http_ssl_module.xml
> --- a/xml/ru/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
> +++ b/xml/ru/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 20:50:20 2023 +0300
> @@ -10,7 +10,7 @@
>  <module name="Модуль ngx_http_ssl_module"
>          link="/ru/docs/http/ngx_http_ssl_module.html"
>          lang="ru"
> -        rev="61">
> +        rev="62">
>  
>  <section id="summary">
>  
> @@ -607,6 +607,15 @@
>  
>  <para>
>  Разрешает указанные протоколы.
> +
> +<para>
> +Если директива указана на уровне <link id="server"/>,
> +то будет использоваться значение из сервера по умолчанию.
> +Подробнее см. в разделе
> +“<link doc="server_names.xml" id="virtual_server_selection">Выбор
> +виртуального сервера</link>”.
> +</para>
> +
>  <note>
>  Параметры <literal>TLSv1.1</literal> и <literal>TLSv1.2</literal>
>  (1.1.13, 1.0.12) работают только при использовании OpenSSL 1.0.1 и выше.

Same here.

-- 
Maxim Dounin
http://mdounin.ru/

From osa at freebsd.org.ru  Tue Aug 29 19:58:07 2023
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Tue, 29 Aug 2023 22:58:07 +0300
Subject: [PATCH] Provided more details about ssl_protocol directive usage
 by
In-Reply-To: <ZO43QoeIsxviZW0o@mdounin.ru>
References: <e3b7490c492c7865baf9.1693322889@mp2.macomnet.net>
 <ZO4WwAnuhL1qExu6@mdounin.ru> <ZO4w5vdtmkYdDC21@FreeBSD.org.ru>
 <ZO43QoeIsxviZW0o@mdounin.ru>
Message-ID: <ZO5Nz2VkUb2fu154@FreeBSD.org.ru>

Hi,

On Tue, Aug 29, 2023 at 09:21:54PM +0300, Maxim Dounin wrote:
> On Tue, Aug 29, 2023 at 08:54:46PM +0300, Sergey A. Osokin wrote:

[...]

> >  <para>
> >  Enables the specified protocols.
> > +
> > +<para>
> 
> $ make
> ...
> xmllint --noout --valid  xml/en/docs/http/ngx_http_ssl_module.xml
> xml/en/docs/http/ngx_http_ssl_module.xml:626: element para: 
> validity error : Element para is not declared in para list of 
> possible children
> </para>
>        ^
> gmake[1]: *** [GNUmakefile:164: 
> libxslt/en/docs/http/ngx_http_ssl_module.html] Error 4
> 
> 
> In this particular case, appropriate solution would be to close 
> the paragraph, and put notes into their own paragraph.

Fixed.

> > +If the directive is specified on the <link id="server"/> level,
> > +the value from the default will be used.
> 
> s/the default/the default server/

Fixed.

> Also, reading it again I tend to think that "will be used" might 
> be misleading.  It might be good to adjust this somehow to make it 
> clear that ssl_protocols works if used in the default server, but 
> will use the configuration from the default server if used in a 
> name-based virtual server.  Not sure how though.
> 
> Alternatively, just using "can be used" as in other directives 
> might be good enough.

I'd prefer to keep "will be used", so I slightly change the 
target, please take a look.

> > +Defails are provided in the
> 
> s/Defails/Details/

Fixed.

> > +виртуального сервера</link>”.
> > +</para>
> > +
> >  <note>
> 
> Same here.

Fixed, here's another revision.

# HG changeset patch
# User Sergey A. Osokin <osa at FreeBSD.org.ru>
# Date 1693338612 -10800
#      Tue Aug 29 22:50:12 2023 +0300
# Node ID e61a21da119d7284b3b93f9a3ab530e1556fae09
# Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
Updated ngx_http_ssl_module module documentation.

Provided details about ssl_protocol directive usage by
adding link to the "Server names" document.

diff -r 4e25281328fa -r e61a21da119d xml/en/docs/http/ngx_http_ssl_module.xml
--- a/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 22:50:12 2023 +0300
@@ -10,7 +10,7 @@
 <module name="Module ngx_http_ssl_module"
         link="/en/docs/http/ngx_http_ssl_module.html"
         lang="en"
-        rev="61">
+        rev="62">
 
 <section id="summary">
 
@@ -602,6 +602,18 @@
 
 <para>
 Enables the specified protocols.
+</para>
+
+<para>
+If the directive is specified on the <link id="server"/> level of a
+name-based virtual server, the value from the default server will
+be used.
+Details are provided in the
+“<link doc="server_names.xml" id="virtual_server_selection">Virtual
+server selection</link>” section.
+</para>
+
+<para>
 <note>
 The <literal>TLSv1.1</literal> and <literal>TLSv1.2</literal> parameters
 (1.1.13, 1.0.12) work only when OpenSSL 1.0.1 or higher is used.
diff -r 4e25281328fa -r e61a21da119d xml/ru/docs/http/ngx_http_ssl_module.xml
--- a/xml/ru/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/ru/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 22:50:12 2023 +0300
@@ -10,7 +10,7 @@
 <module name="Модуль ngx_http_ssl_module"
         link="/ru/docs/http/ngx_http_ssl_module.html"
         lang="ru"
-        rev="61">
+        rev="62">
 
 <section id="summary">
 
@@ -607,6 +607,18 @@
 
 <para>
 Разрешает указанные протоколы.
+</para>
+
+<para>
+Если директива указана на уровне основанного на имени виртуального
+<link id="server"/>, то будет использоваться значение из сервера
+по умолчанию.
+Подробнее см. в разделе
+“<link doc="server_names.xml" id="virtual_server_selection">Выбор
+виртуального сервера</link>”.
+</para>
+
+<para>
 <note>
 Параметры <literal>TLSv1.1</literal> и <literal>TLSv1.2</literal>
 (1.1.13, 1.0.12) работают только при использовании OpenSSL 1.0.1 и выше.


-- 
Sergey A. Osokin

From osa at freebsd.org.ru  Tue Aug 29 21:34:16 2023
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Wed, 30 Aug 2023 00:34:16 +0300
Subject: [PATCH] Provided more details about ssl_protocol directive usage
 by
In-Reply-To: <ZO43QoeIsxviZW0o@mdounin.ru>
References: <e3b7490c492c7865baf9.1693322889@mp2.macomnet.net>
 <ZO4WwAnuhL1qExu6@mdounin.ru> <ZO4w5vdtmkYdDC21@FreeBSD.org.ru>
 <ZO43QoeIsxviZW0o@mdounin.ru>
Message-ID: <ZO5kWGykiCeH2sqa@FreeBSD.org.ru>

Hi,

On Tue, Aug 29, 2023 at 09:21:54PM +0300, Maxim Dounin wrote:
> >  <para>
> >  Enables the specified protocols.
> > +
> > +<para>
> 
> $ make
> ...
> xmllint --noout --valid  xml/en/docs/http/ngx_http_ssl_module.xml
> xml/en/docs/http/ngx_http_ssl_module.xml:626: element para: 
> validity error : Element para is not declared in para list of 
> possible children
> </para>
>        ^
> gmake[1]: *** [GNUmakefile:164: 
> libxslt/en/docs/http/ngx_http_ssl_module.html] Error 4
>
> In this particular case, appropriate solution would be to close 
> the paragraph, and put notes into their own paragraph.

Fixed.

> > +If the directive is specified on the <link id="server"/> level,
> > +the value from the default will be used.
> 
> s/the default/the default server/

Fixed.

> Also, reading it again I tend to think that "will be used" might 
> be misleading.  It might be good to adjust this somehow to make it 
> clear that ssl_protocols works if used in the default server, but 
> will use the configuration from the default server if used in a 
> name-based virtual server.  Not sure how though.
> 
> Alternatively, just using "can be used" as in other directives 
> might be good enough.

Fixed.

> > +Defails are provided in the
> 
> s/Defails/Details/

Fixed.

[...]
> > +</para>
> > +
> >  <note>
> >  Параметры <literal>TLSv1.1</literal> и <literal>TLSv1.2</literal>
> >  (1.1.13, 1.0.12) работают только при использовании OpenSSL 1.0.1 и выше.
> 
> Same here.

Fixed.  Here's the update version of the patch, thanks.

# HG changeset patch
# User Sergey A. Osokin <osa at FreeBSD.org.ru>
# Date 1693344638 -10800
#      Wed Aug 30 00:30:38 2023 +0300
# Node ID 44c3f59a54333249114428eaae2005eabdc57e36
# Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
Updated ngx_http_ssl_module module documentation.

Provided details about ssl_protocol directive usage by
adding link to the "Server names" document.

diff -r 4e25281328fa -r 44c3f59a5433 xml/en/docs/http/ngx_http_ssl_module.xml
--- a/xml/en/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/en/docs/http/ngx_http_ssl_module.xml	Wed Aug 30 00:30:38 2023 +0300
@@ -10,7 +10,7 @@
 <module name="Module ngx_http_ssl_module"
         link="/en/docs/http/ngx_http_ssl_module.html"
         lang="en"
-        rev="61">
+        rev="62">
 
 <section id="summary">
 
@@ -602,6 +602,17 @@
 
 <para>
 Enables the specified protocols.
+</para>
+
+<para>
+If the directive is specified on the <link id="server"/> level,
+the value from the default server can be used.
+Details are provided in the
+“<link doc="server_names.xml" id="virtual_server_selection">Virtual
+server selection</link>” section.
+</para>
+
+<para>
 <note>
 The <literal>TLSv1.1</literal> and <literal>TLSv1.2</literal> parameters
 (1.1.13, 1.0.12) work only when OpenSSL 1.0.1 or higher is used.
diff -r 4e25281328fa -r 44c3f59a5433 xml/ru/docs/http/ngx_http_ssl_module.xml
--- a/xml/ru/docs/http/ngx_http_ssl_module.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/ru/docs/http/ngx_http_ssl_module.xml	Wed Aug 30 00:30:38 2023 +0300
@@ -10,7 +10,7 @@
 <module name="Модуль ngx_http_ssl_module"
         link="/ru/docs/http/ngx_http_ssl_module.html"
         lang="ru"
-        rev="61">
+        rev="62">
 
 <section id="summary">
 
@@ -607,6 +607,17 @@
 
 <para>
 Разрешает указанные протоколы.
+</para>
+
+<para>
+Если директива указана на уровне <link id="server"/>, то может
+использоваться значение из сервера по умолчанию.
+Подробнее см. в разделе
+“<link doc="server_names.xml" id="virtual_server_selection">Выбор
+виртуального сервера</link>”.
+</para>
+
+<para>
 <note>
 Параметры <literal>TLSv1.1</literal> и <literal>TLSv1.2</literal>
 (1.1.13, 1.0.12) работают только при использовании OpenSSL 1.0.1 и выше.


-- 
Sergey A. Osokin

From arut at nginx.com  Wed Aug 30 07:32:08 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Wed, 30 Aug 2023 11:32:08 +0400
Subject: [PATCH] QUIC: use client dcid rather than odcid to receive packets
In-Reply-To: <282507AC-EAF5-402B-8428-47390BEBD0EE@nginx.com>
References: <7f451ca6f449958011e2.1693293559@arut-laptop>
 <282507AC-EAF5-402B-8428-47390BEBD0EE@nginx.com>
Message-ID: <20230830073208.vjqjqimtpe2v65ug@N00W24XTQX>

Hi,

On Tue, Aug 29, 2023 at 09:56:22PM +0400, Sergey Kandaurov wrote:
> 
> > On 29 Aug 2023, at 11:19, Roman Arutyunyan <arut at nginx.com> wrote:
> > 
> > # HG changeset patch
> > # User Roman Arutyunyan <arut at nginx.com>
> > # Date 1693292146 -14400
> > #      Tue Aug 29 10:55:46 2023 +0400
> > # Node ID 7f451ca6f449958011e29aee5231e70be4992374
> > # Parent  58afcd72446ff33811e773f1cabb7866a92a09a0
> > QUIC: use client dcid rather than odcid to receive packets.
> 
> QUIC: using client dcid to receive initial packets.
> 
> ?
> 
> > 
> > Previously, odcid was used to receive initial client packets in case server
> > initial response was lost.  However, dcid should be used instead.  These two
> 
> It takes time to recall meaning of these acronyms, I would expand
> them in the commit log as initial dcid and client dcid for clarity.

Client dcid sounds too vague.  I'd rather stick with 'original dcid' and
'last client dcid'.

> Previously, initial dcid was used ..
> 
> > are the same unless retry is used.  In case of retry, client resends initial
> > packets with the retry dcid.  If server response is lost, the client resends
> > this packet again with the same retry dcid, but not odcid.  This is shown in
> > RFC 9000, 7.3. Authenticating Connection IDs, Figure 8.
> > 
> > The issue manifested itself with creating multiple server sessions in response
> > to each post-retry client initial packet, if server response is lost.
> 
> My archeologist analysis refers to dffb66fb783b, where it seemingly
> was broken.  Before stateless retry support, retry id was inserted
> as part of sending Retry packet, this part was lost in transit.

Back when retry was session-based rather than token-based, listening on the
original dcid made sense until we received retry.  This allowed to avoid
creating multiple sessions when server retry packet was lost.  Anyway it was
too long ago to make any difference now.

> > diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
> > --- a/src/event/quic/ngx_event_quic.c
> > +++ b/src/event/quic/ngx_event_quic.c
> > @@ -1100,7 +1100,7 @@ ngx_quic_discard_ctx(ngx_connection_t *c
> >     }
> > 
> >     if (level == ssl_encryption_initial) {
> > -        /* close temporary listener with odcid */
> > +        /* close temporary listener with initial dcid */
> >         qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN);
> >         if (qsock) {
> >             ngx_quic_close_socket(c, qsock);
> > diff --git a/src/event/quic/ngx_event_quic_socket.c b/src/event/quic/ngx_event_quic_socket.c
> > --- a/src/event/quic/ngx_event_quic_socket.c
> > +++ b/src/event/quic/ngx_event_quic_socket.c
> > @@ -93,8 +93,8 @@ ngx_quic_open_sockets(ngx_connection_t *
> > 
> >     tmp->sid.seqnum = NGX_QUIC_UNSET_PN; /* temporary socket */
> > 
> > -    ngx_memcpy(tmp->sid.id, pkt->odcid.data, pkt->odcid.len);
> > -    tmp->sid.len = pkt->odcid.len;
> > +    ngx_memcpy(tmp->sid.id, pkt->dcid.data, pkt->dcid.len);
> > +    tmp->sid.len = pkt->dcid.len;
> > 
> >     if (ngx_quic_listen(c, qc, tmp) != NGX_OK) {
> >         goto failed;
> 
> The change looks good.

I suggest the following commit log:

QUIC: use last client dcid to receive initial packets.

Previously, original dcid was used to receive initial client packets in case
server initial response was lost.  However, last dcid should be used instead.
These two are the same unless retry is used.  In case of retry, client resends
initial packet with a new dcid, that is different from the original dcid.  If
server response is lost, the client resends this packet again with the same
dcid.  This is shown in RFC 9000, 7.3. Authenticating Connection IDs, Figure 8.

The issue manifested itself with creating multiple server sessions in response
to each post-retry client initial packet, if server response is lost.

[..]

--
Roman Arutyunyan

From claireecf at gmail.com  Wed Aug 30 09:07:19 2023
From: claireecf at gmail.com (claire liu)
Date: Wed, 30 Aug 2023 04:07:19 -0500
Subject: Connection Migration Issue
Message-ID: <CAPWKkO9ZxuMU0VG9ndxgrX26bt-U0Odcij4pap98Bvksh0ag0g@mail.gmail.com>

Hello Development Team,

I'd like to inquire about the Connection Migration feature of QUIC in
nginx/1.25.2 mainline. While downloading a large file, I noticed the
connection was interrupted when I switched my internet connection. Is this
feature enabled by default, or do I need to manually activate it? If manual
activation is required, could you guide me on how to configure it?

Thank you for your assistance.

Best regards,
Claire
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20230830/dcc9c8c2/attachment.htm>

From pluknet at nginx.com  Wed Aug 30 09:17:10 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Wed, 30 Aug 2023 13:17:10 +0400
Subject: [PATCH] QUIC: use client dcid rather than odcid to receive packets
In-Reply-To: <20230830073208.vjqjqimtpe2v65ug@N00W24XTQX>
References: <7f451ca6f449958011e2.1693293559@arut-laptop>
 <282507AC-EAF5-402B-8428-47390BEBD0EE@nginx.com>
 <20230830073208.vjqjqimtpe2v65ug@N00W24XTQX>
Message-ID: <81D92FD9-A503-4E79-834F-39ECD38E7B9F@nginx.com>


> On 30 Aug 2023, at 11:32, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> Hi,
> 
> [..]
> I suggest the following commit log:
> 
> QUIC: use last client dcid to receive initial packets.
> 
> Previously, original dcid was used to receive initial client packets in case
> server initial response was lost.  However, last dcid should be used instead.
> These two are the same unless retry is used.  In case of retry, client resends
> initial packet with a new dcid, that is different from the original dcid.  If
> server response is lost, the client resends this packet again with the same
> dcid.  This is shown in RFC 9000, 7.3. Authenticating Connection IDs, Figure 8.
> 
> The issue manifested itself with creating multiple server sessions in response
> to each post-retry client initial packet, if server response is lost.
> 
> [..]

Good enough.

-- 
Sergey Kandaurov

From arut at nginx.com  Wed Aug 30 12:25:28 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Wed, 30 Aug 2023 12:25:28 +0000
Subject: [nginx] QUIC: use last client dcid to receive initial packets.
Message-ID: <hg.8f7e6d8c061e.1693398328.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/8f7e6d8c061e
branches:  
changeset: 9153:8f7e6d8c061e
user:      Roman Arutyunyan <arut at nginx.com>
date:      Wed Aug 30 11:09:21 2023 +0400
description:
QUIC: use last client dcid to receive initial packets.

Previously, original dcid was used to receive initial client packets in case
server initial response was lost.  However, last dcid should be used instead.
These two are the same unless retry is used.  In case of retry, client resends
initial packet with a new dcid, that is different from the original dcid.  If
server response is lost, the client resends this packet again with the same
dcid.  This is shown in RFC 9000, 7.3. Authenticating Connection IDs, Figure 8.

The issue manifested itself with creating multiple server sessions in response
to each post-retry client initial packet, if server response is lost.

diffstat:

 src/event/quic/ngx_event_quic.c        |  2 +-
 src/event/quic/ngx_event_quic_socket.c |  4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diffs (26 lines):

diff -r 2880f60a80c3 -r 8f7e6d8c061e src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c	Fri Aug 25 13:51:38 2023 +0400
+++ b/src/event/quic/ngx_event_quic.c	Wed Aug 30 11:09:21 2023 +0400
@@ -1110,7 +1110,7 @@ ngx_quic_discard_ctx(ngx_connection_t *c
     }
 
     if (level == ssl_encryption_initial) {
-        /* close temporary listener with odcid */
+        /* close temporary listener with initial dcid */
         qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN);
         if (qsock) {
             ngx_quic_close_socket(c, qsock);
diff -r 2880f60a80c3 -r 8f7e6d8c061e src/event/quic/ngx_event_quic_socket.c
--- a/src/event/quic/ngx_event_quic_socket.c	Fri Aug 25 13:51:38 2023 +0400
+++ b/src/event/quic/ngx_event_quic_socket.c	Wed Aug 30 11:09:21 2023 +0400
@@ -93,8 +93,8 @@ ngx_quic_open_sockets(ngx_connection_t *
 
     tmp->sid.seqnum = NGX_QUIC_UNSET_PN; /* temporary socket */
 
-    ngx_memcpy(tmp->sid.id, pkt->odcid.data, pkt->odcid.len);
-    tmp->sid.len = pkt->odcid.len;
+    ngx_memcpy(tmp->sid.id, pkt->dcid.data, pkt->dcid.len);
+    tmp->sid.len = pkt->dcid.len;
 
     if (ngx_quic_listen(c, qc, tmp) != NGX_OK) {
         goto failed;

From v.zhestikov at f5.com  Wed Aug 30 19:07:50 2023
From: v.zhestikov at f5.com (Vadim Zhestikov)
Date: Wed, 30 Aug 2023 19:07:50 +0000
Subject: [njs] Introduced flat hash.
Message-ID: <hg.c7d2a7846b0b.1693422470.5965299922797593991@dev.nginx>

details:   https://hg.nginx.org/njs/rev/c7d2a7846b0b
branches:  
changeset: 2186:c7d2a7846b0b
user:      Vadim Zhestikov <v.zhestikov at f5.com>
date:      Wed Aug 30 12:06:12 2023 -0700
description:
Introduced flat hash.

Object property enumeration order is corrected.
This fixes #189 issue on Github.

diffstat:

 auto/sources                  |    2 +-
 external/njs_shell.c          |    4 +-
 src/njs_array.c               |   45 +++-
 src/njs_array.h               |    2 +
 src/njs_array_buffer.c        |    4 +-
 src/njs_async.c               |    4 +-
 src/njs_buffer.c              |    4 +-
 src/njs_date.c                |    4 +-
 src/njs_encoding.c            |    8 +-
 src/njs_error.c               |   40 +-
 src/njs_flathsh.c             |  560 ++++++++++++++++++++++++++++++++++++++++++
 src/njs_flathsh.h             |  156 +++++++++++
 src/njs_function.c            |    8 +-
 src/njs_main.h                |    2 +-
 src/njs_number.c              |    4 +-
 src/njs_object.c              |  511 +++++++++++++++++++++++--------------
 src/njs_object_prop.c         |    1 +
 src/njs_promise.c             |    4 +-
 src/njs_regexp.c              |    4 +-
 src/njs_string.c              |    4 +-
 src/njs_symbol.c              |    4 +-
 src/njs_typed_array.c         |   40 +-
 src/njs_value.c               |   43 ++-
 src/njs_value.h               |    3 +-
 src/njs_vm.c                  |    2 +-
 src/test/lvlhsh_unit_test.c   |    2 +-
 src/test/njs_externals_test.c |    2 +-
 src/test/njs_unit_test.c      |   39 +-
 28 files changed, 1215 insertions(+), 291 deletions(-)

diffs (truncated from 2123 to 1000 lines):

diff -r c0f581b26e84 -r c7d2a7846b0b auto/sources
--- a/auto/sources	Wed Aug 23 10:09:22 2023 -0700
+++ b/auto/sources	Wed Aug 30 12:06:12 2023 -0700
@@ -10,7 +10,7 @@ NJS_LIB_SRCS=" \
    src/njs_utf16.c \
    src/njs_arr.c \
    src/njs_rbtree.c \
-   src/njs_lvlhsh.c \
+   src/njs_flathsh.c \
    src/njs_trace.c \
    src/njs_random.c \
    src/njs_md5.c \
diff -r c0f581b26e84 -r c7d2a7846b0b external/njs_shell.c
--- a/external/njs_shell.c	Wed Aug 23 10:09:22 2023 -0700
+++ b/external/njs_shell.c	Wed Aug 30 12:06:12 2023 -0700
@@ -11,7 +11,7 @@
 #include <njs_arr.h>
 #include <njs_queue.h>
 #include <njs_rbtree.h>
-#include <njs_lvlhsh.h>
+#include <njs_flathsh.h>
 #include <njs_djb_hash.h>
 
 #if (!defined NJS_FUZZER_TARGET && defined NJS_HAVE_READLINE)
@@ -1636,7 +1636,7 @@ lvlhsh_key_test(njs_lvlhsh_query_t *lhq,
 static void *
 lvlhsh_pool_alloc(void *pool, size_t size)
 {
-    return njs_mp_align(pool, size, size);
+    return njs_mp_align(pool, NJS_MAX_ALIGNMENT, size);
 }
 
 
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_array.c
--- a/src/njs_array.c	Wed Aug 23 10:09:22 2023 -0700
+++ b/src/njs_array.c	Wed Aug 30 12:06:12 2023 -0700
@@ -609,10 +609,10 @@ njs_array_of(njs_vm_t *vm, njs_value_t *
 
 static const njs_object_prop_t  njs_array_constructor_properties[] =
 {
+    NJS_DECLARE_PROP_LENGTH(1),
+
     NJS_DECLARE_PROP_NAME("Array"),
 
-    NJS_DECLARE_PROP_LENGTH(1),
-
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 
     NJS_DECLARE_PROP_NATIVE("from", njs_array_from, 1, 0),
@@ -1828,6 +1828,47 @@ njs_array_indices_handler(const void *fi
 }
 
 
+int
+njs_array_indices_handler_nums(const void *first, const void *second, void *ctx)
+{
+    double             num1, num2;
+    int64_t            diff;
+    const njs_value_t  *val1, *val2;
+
+    val1 = first;
+    val2 = second;
+
+    num1 = njs_string_to_index(val1);
+    num2 = njs_string_to_index(val2);
+
+    if (!isnan(num1) || !isnan(num2)) {
+        if (isnan(num1)) {
+            if (!isnan(num2)) {
+                return 1;
+
+            } else {
+
+                return 0;
+            }
+        }
+
+        if (isnan(num2)) {
+            return -1;
+        }
+
+        diff = (int64_t) (num1 - num2);
+
+        if (diff < 0) {
+            return -1;
+        }
+
+        return diff != 0;
+    }
+
+    return 0;
+}
+
+
 njs_array_t *
 njs_array_keys(njs_vm_t *vm, njs_value_t *object, njs_bool_t all)
 {
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_array.h
--- a/src/njs_array.h	Wed Aug 23 10:09:22 2023 -0700
+++ b/src/njs_array.h	Wed Aug 30 12:06:12 2023 -0700
@@ -36,6 +36,8 @@ njs_int_t njs_array_expand(njs_vm_t *vm,
     uint32_t append);
 njs_int_t njs_array_prototype_to_string(njs_vm_t *vm, njs_value_t *args,
     njs_uint_t nargs, njs_index_t unused, njs_value_t *retval);
+int njs_array_indices_handler_nums(const void *first, const void *second,
+    void *ctx);
 
 
 njs_inline njs_value_t *
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_array_buffer.c
--- a/src/njs_array_buffer.c	Wed Aug 23 10:09:22 2023 -0700
+++ b/src/njs_array_buffer.c	Wed Aug 30 12:06:12 2023 -0700
@@ -141,9 +141,9 @@ njs_array_buffer_writable(njs_vm_t *vm, 
 
 static const njs_object_prop_t  njs_array_buffer_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("ArrayBuffer"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("ArrayBuffer"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_async.c
--- a/src/njs_async.c	Wed Aug 23 10:09:22 2023 -0700
+++ b/src/njs_async.c	Wed Aug 30 12:06:12 2023 -0700
@@ -163,9 +163,9 @@ njs_async_context_free(njs_vm_t *vm, njs
 
 static const njs_object_prop_t  njs_async_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("AsyncFunction"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("AsyncFunction"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_buffer.c
--- a/src/njs_buffer.c	Wed Aug 23 10:09:22 2023 -0700
+++ b/src/njs_buffer.c	Wed Aug 30 12:06:12 2023 -0700
@@ -2538,10 +2538,10 @@ const njs_object_init_t  njs_buffer_prot
 
 static const njs_object_prop_t  njs_buffer_constructor_properties[] =
 {
+    NJS_DECLARE_PROP_LENGTH(0),
+
     NJS_DECLARE_PROP_NAME("Buffer"),
 
-    NJS_DECLARE_PROP_LENGTH(0),
-
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 
     NJS_DECLARE_PROP_NATIVE("alloc", njs_buffer_alloc_safe, 0, 1),
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_date.c
--- a/src/njs_date.c	Wed Aug 23 10:09:22 2023 -0700
+++ b/src/njs_date.c	Wed Aug 30 12:06:12 2023 -0700
@@ -1109,9 +1109,9 @@ njs_date_number_parse(int64_t *value, co
 
 static const njs_object_prop_t  njs_date_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("Date"),
+    NJS_DECLARE_PROP_LENGTH(7),
 
-    NJS_DECLARE_PROP_LENGTH(7),
+    NJS_DECLARE_PROP_NAME("Date"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_encoding.c
--- a/src/njs_encoding.c	Wed Aug 23 10:09:22 2023 -0700
+++ b/src/njs_encoding.c	Wed Aug 30 12:06:12 2023 -0700
@@ -256,9 +256,9 @@ const njs_object_init_t  njs_text_encode
 
 static const njs_object_prop_t  njs_text_encoder_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("TextEncoder"),
+    NJS_DECLARE_PROP_LENGTH(0),
 
-    NJS_DECLARE_PROP_LENGTH(0),
+    NJS_DECLARE_PROP_NAME("TextEncoder"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -593,9 +593,9 @@ const njs_object_init_t  njs_text_decode
 
 static const njs_object_prop_t  njs_text_decoder_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("TextDecoder"),
+    NJS_DECLARE_PROP_LENGTH(0),
 
-    NJS_DECLARE_PROP_LENGTH(0),
+    NJS_DECLARE_PROP_NAME("TextDecoder"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_error.c
--- a/src/njs_error.c	Wed Aug 23 10:09:22 2023 -0700
+++ b/src/njs_error.c	Wed Aug 30 12:06:12 2023 -0700
@@ -354,9 +354,9 @@ njs_error_constructor(njs_vm_t *vm, njs_
 
 static const njs_object_prop_t  njs_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("Error"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("Error"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -370,9 +370,9 @@ const njs_object_init_t  njs_error_const
 
 static const njs_object_prop_t  njs_eval_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("EvalError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("EvalError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -386,9 +386,9 @@ const njs_object_init_t  njs_eval_error_
 
 static const njs_object_prop_t  njs_internal_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("InternalError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("InternalError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -402,9 +402,9 @@ const njs_object_init_t  njs_internal_er
 
 static const njs_object_prop_t  njs_range_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("RangeError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("RangeError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -418,9 +418,9 @@ const njs_object_init_t  njs_range_error
 
 static const njs_object_prop_t  njs_reference_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("ReferenceError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("ReferenceError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -434,9 +434,9 @@ const njs_object_init_t  njs_reference_e
 
 static const njs_object_prop_t  njs_syntax_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("SyntaxError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("SyntaxError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -450,9 +450,9 @@ const njs_object_init_t  njs_syntax_erro
 
 static const njs_object_prop_t  njs_type_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("TypeError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("TypeError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -466,9 +466,9 @@ const njs_object_init_t  njs_type_error_
 
 static const njs_object_prop_t  njs_uri_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("URIError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("URIError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -482,9 +482,9 @@ const njs_object_init_t  njs_uri_error_c
 
 static const njs_object_prop_t  njs_aggregate_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("AggregateError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("AggregateError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_object_prototype_create, 0, 0, 0),
 };
@@ -566,9 +566,9 @@ njs_memory_error_prototype_create(njs_vm
 
 static const njs_object_prop_t  njs_memory_error_constructor_properties[] =
 {
-    NJS_DECLARE_PROP_NAME("MemoryError"),
+    NJS_DECLARE_PROP_LENGTH(1),
 
-    NJS_DECLARE_PROP_LENGTH(1),
+    NJS_DECLARE_PROP_NAME("MemoryError"),
 
     NJS_DECLARE_PROP_HANDLER("prototype", njs_memory_error_prototype_create,
                              0, 0, 0),
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_flathsh.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/njs_flathsh.c	Wed Aug 30 12:06:12 2023 -0700
@@ -0,0 +1,560 @@
+
+/*
+ * Copyright (C) NGINX, Inc.
+ */
+
+#include <njs_main.h>
+
+/*
+ * Flat hash consists of dynamic DATA STRUCTURE and set of OPERATIONS.
+ *
+ * DATA STRUCTURE
+ *    Consists of 3 parts allocated one by one in chunk of memory:
+ *
+ *    HASH_CELLS   array of indices of 1st list element in ELEMENTS array,
+ *                 or 0 if list is empty. HASH_CELLS_length is power of 2.
+ *    DESCRIPTOR   contains hash_mask (= HASH_CELLS_Length - 1), ELEMENTS_size,
+ *                 number of last used element in ELEMENTS,
+ *                 number of deleted elements in ELEMENTS;
+ *    ELEMENTS     array of: [index of next element, hash_function(KEY),
+ *                 link to stored value or NULL if element is not used)].
+ *
+ * PROPERTIES of flat hash
+ *     It is relocatable in memory, preserve insertion order, expand and shrink
+ *     depending on number elements in it, maximum occupancy is 2^32-2 elements.
+ *
+ * OPERATIONS
+ *    ADD element by key S with value V
+ *      Prerequisite: be sure if flat hash not contains S. If ELEMENTS has free
+ *      space after last element, then this element is populated by: V,
+ *      hash_function(S), S. Then element is added to correspondent HASH_CELL.
+ *      In case when no free element in ELEMENTS, DATA STRUCTURE is expanded by
+ *      expnad_elts(). It does the following: ELEMENTS_size is increased by
+ *      EXPAND_FACTOR, which value is expected to be > 1. For fast access to
+ *      stored values, HASH_CELLS_size need to be big enough to provide its low
+ *      population: in average less than 1 element per HASH_CELL.  So,
+ *      if HASH_CELLS_size < ELEMENTS_size then it will try doubling
+ *      HASH_CELLS_size, until new HASH_CELLS_size >= ELEMENTS_size. Now
+ *      new HASH_CELLS_size and new ELEMENTS_size are both defined. New
+ *      expanded hash is obtained as:
+ *          if HASH_CELLS_size is not increased, then
+ *              reallocate full DATA STRUCTURE,
+ *          else
+ *              create new DATA STRUCTURE and populate it
+ *              by ELEMENTS from old DATA STRUCTURE.
+ *          Replace old DATA STRUCTURE by new one and release old one.
+ *
+ *    FIND element by key S
+ *      HASH_CELLS is array which contains cells of hash
+ *      table. As entry to the table the following index is used:
+ *          cell_num = hash_function(S) & hash_nask
+ *      hash_function is external and it is not specified here, it is needed to
+ *      be good hash function for Ss, and produce results in range from 0 to
+ *      at least 2^32 - 1; hash_mask is located in DESCRIPTOR, and it is equal
+ *      to HASH_CELLS_size - 1, where HASH_CELLS_size is always power of 2.
+ *      hash cell contains (may be empty) list of hash elements with same
+ *      cell_num. Now run over the list of elements and test if some element
+ *      contains link to S. Test function is external and is not specified here.
+ *
+ *    DELETE element by key S
+ *      Locate S in ELEMENTS and remove it from elements list. Update number
+ *      of removed elements in hash_decriptor. Mark deleted
+ *      element as not used/deleted. If number of deleted elements is big
+ *      enough, then use shrink_elts(): it removes gaps in ELEMENTS, shrinks if
+ *      required HASH_CELLS, and creates new DATA STRUCTURE.
+ *
+ *    ENUMERATE all elements in order of insertion
+ *      Returns one by one used elements from ELEMENTS.
+ */
+
+
+#define NJS_FLATHSH_ELTS_INITIAL_SIZE         2
+#define NJS_FLATHSH_HASH_INITIAL_SIZE         4
+#define NJS_FLATHSH_ELTS_EXPAND_FACTOR_NUM    3
+#define NJS_FLATHSH_ELTS_EXPAND_FACTOR_DENOM  2
+#define NJS_FLATHSH_ELTS_FRACTION_TO_SHRINK   2
+#define NJS_FLATHSH_ELTS_MINIMUM_TO_SHRINK    8
+
+
+struct njs_flathsh_descr_s {
+    uint32_t     hash_mask;
+    uint32_t     elts_size;          /* allocated properties */
+    uint32_t     elts_count;         /* include deleted properties */
+    uint32_t     elts_deleted_count;
+};
+
+
+static njs_flathsh_descr_t *njs_flathsh_alloc(njs_flathsh_query_t *fhq,
+    size_t hash_size, size_t elts_size);
+static njs_flathsh_descr_t *njs_expand_elts(njs_flathsh_query_t *fhq,
+    njs_flathsh_descr_t *h, uint32_t count);
+
+
+njs_inline size_t
+njs_flathsh_chunk_size(size_t hash_size, size_t elts_size)
+{
+    return hash_size * sizeof(uint32_t) + sizeof(njs_flathsh_descr_t) +
+           elts_size * sizeof(njs_flathsh_elt_t);
+}
+
+
+njs_inline void *
+njs_flathsh_malloc(njs_flathsh_query_t *fhq, size_t size)
+{
+    return
+#ifdef NJS_FLATHSH_USE_SYSTEM_ALLOCATOR
+    malloc(size)
+#else
+    fhq->proto->alloc(fhq->pool, size)
+#endif
+    ;
+}
+
+
+njs_inline void
+njs_flathsh_free(njs_flathsh_query_t *fhq, void *ptr)
+{
+#ifdef NJS_FLATHSH_USE_SYSTEM_ALLOCATOR
+    free(ptr)
+#else
+    fhq->proto->free(fhq->pool, ptr, 0)
+#endif
+    ;
+}
+
+
+njs_inline njs_flathsh_descr_t *
+njs_flathsh_descr(void *chunk, size_t hash_size)
+{
+    return (njs_flathsh_descr_t *) ((uint32_t *) chunk + hash_size);
+}
+
+
+njs_inline uint32_t *
+njs_hash_cells_end(njs_flathsh_descr_t *h)
+{
+    return (uint32_t *) h;
+}
+
+
+njs_inline void *
+njs_flathsh_chunk(njs_flathsh_descr_t *h)
+{
+    return njs_hash_cells_end(h) - ((njs_int_t) h->hash_mask + 1);
+}
+
+
+njs_inline njs_flathsh_elt_t *
+njs_hash_elts(njs_flathsh_descr_t *h)
+{
+    return (njs_flathsh_elt_t *) ((char *) h + sizeof(njs_flathsh_descr_t));
+}
+
+
+/*
+ * Create a new empty flat hash.
+ */
+njs_flathsh_descr_t *
+njs_flathsh_new(njs_flathsh_query_t *fhq)
+{
+    return njs_flathsh_alloc(fhq, NJS_FLATHSH_HASH_INITIAL_SIZE,
+                           NJS_FLATHSH_ELTS_INITIAL_SIZE);
+}
+
+
+static njs_flathsh_descr_t *
+njs_flathsh_alloc(njs_flathsh_query_t *fhq, size_t hash_size, size_t elts_size)
+{
+    void                 *chunk;
+    size_t               size;
+    njs_flathsh_descr_t  *h;
+
+    njs_assert_msg(hash_size != 0 && (hash_size & (hash_size - 1)) == 0,
+                   "hash_size must be a power of two");
+
+    size = njs_flathsh_chunk_size(hash_size, elts_size);
+
+    chunk = njs_flathsh_malloc(fhq, size);
+    if (njs_slow_path(chunk == NULL)) {
+        return NULL;
+    }
+
+    h = njs_flathsh_descr(chunk, hash_size);
+
+    njs_memzero(chunk, sizeof(uint32_t) * hash_size);
+
+    h->hash_mask = hash_size - 1;
+    h->elts_size = elts_size;
+    h->elts_count = 0;
+    h->elts_deleted_count = 0;
+
+    return h;
+}
+
+
+njs_flathsh_elt_t *
+njs_flathsh_add_elt(njs_flathsh_t *fh, njs_flathsh_query_t *fhq)
+{
+    njs_int_t            cell_num;
+    njs_flathsh_elt_t    *elt, *elts;
+    njs_flathsh_descr_t  *h;
+
+    h = fh->slot;
+    if (njs_slow_path(h == NULL)) {
+        return NULL;
+    }
+
+    if (njs_slow_path(h->elts_count >= h->elts_size)) {
+        h = njs_expand_elts(fhq, fh->slot, h->elts_count + 1);
+        if (njs_slow_path(h == NULL)) {
+            return NULL;
+        }
+
+        fh->slot = h;
+    }
+
+    elts = njs_hash_elts(h);
+    elt = &elts[h->elts_count++];
+
+    elt->value = fhq->value;
+    elt->key_hash = fhq->key_hash;
+
+    cell_num = fhq->key_hash & h->hash_mask;
+    elt->next_elt = njs_hash_cells_end(h)[-cell_num - 1];
+    njs_hash_cells_end(h)[-cell_num - 1] = h->elts_count;
+
+    return elt;
+}
+
+
+static njs_flathsh_descr_t *
+njs_expand_elts(njs_flathsh_query_t *fhq, njs_flathsh_descr_t *h,
+    uint32_t count)
+{
+    void                 *chunk;
+    size_t               size;
+    uint32_t             new_elts_size, new_hash_size, new_hash_mask, i;
+    njs_int_t            cell_num;
+    njs_flathsh_elt_t    *elt;
+    njs_flathsh_descr_t  *h_src;
+
+    new_elts_size = h->elts_size * NJS_FLATHSH_ELTS_EXPAND_FACTOR_NUM /
+                                          NJS_FLATHSH_ELTS_EXPAND_FACTOR_DENOM;
+    new_elts_size = njs_max(count, new_elts_size);
+
+    new_hash_size = h->hash_mask + 1;
+
+    while (new_hash_size < new_elts_size) {
+        new_hash_size = 2 * new_hash_size;
+    }
+
+    if (new_hash_size != (h->hash_mask + 1)) {
+
+        /* Expand both hash table cells and its elts. */
+
+        h_src = h;
+        size = njs_flathsh_chunk_size(new_hash_size, new_elts_size);
+        chunk = njs_flathsh_malloc(fhq, size);
+        if (njs_slow_path(chunk == NULL)) {
+            return NULL;
+        }
+
+        h = njs_flathsh_descr(chunk, new_hash_size);
+
+        memcpy(h, h_src, sizeof(njs_flathsh_descr_t) +
+               sizeof(njs_flathsh_elt_t) * h_src->elts_size);
+
+        new_hash_mask = new_hash_size - 1;
+        h->hash_mask = new_hash_mask;
+        njs_memzero(chunk, sizeof(uint32_t) * new_hash_size);
+
+        for (i = 0, elt = njs_hash_elts(h); i < h->elts_count; i++, elt++) {
+            if (elt->value != NULL) {
+                cell_num = elt->key_hash & new_hash_mask;
+                elt->next_elt = njs_hash_cells_end(h)[-cell_num - 1];
+                njs_hash_cells_end(h)[-cell_num - 1] = i + 1;
+            }
+        }
+
+        njs_flathsh_free(fhq, njs_flathsh_chunk(h_src));
+
+    } else {
+
+        size = njs_flathsh_chunk_size(new_hash_size, new_elts_size);
+
+        /* Expand elts only. */
+#ifdef NJS_FLATHSH_USE_SYSTEM_ALLOCATOR
+        chunk = realloc(njs_flathsh_chunk(h), size);
+        if (njs_slow_path(chunk == NULL)) {
+            return NULL;
+        }
+
+#else
+        chunk = fhq->proto->alloc(fhq->pool, size);
+        if (njs_slow_path(chunk == NULL)) {
+            return NULL;
+        }
+
+        memcpy(chunk, njs_flathsh_chunk(h),
+               njs_flathsh_chunk_size(h->hash_mask + 1, h->elts_size));
+
+        fhq->proto->free(fhq->pool, njs_flathsh_chunk(h), 0);
+#endif
+        h = njs_flathsh_descr(chunk, new_hash_size);
+    }
+
+    h->elts_size = new_elts_size;
+
+    return h;
+}
+
+
+njs_int_t
+njs_flathsh_find(const njs_flathsh_t *fh, njs_flathsh_query_t *fhq)
+{
+    njs_int_t            cell_num, elt_num;
+    njs_flathsh_elt_t    *e, *elts;
+    njs_flathsh_descr_t  *h;
+
+    h = fh->slot;
+    if (njs_slow_path(h == NULL)) {
+        return NJS_DECLINED;
+    }
+
+    cell_num = fhq->key_hash & h->hash_mask;
+    elt_num = njs_hash_cells_end(h)[-cell_num - 1];
+    elts = njs_hash_elts(h);
+
+    while (elt_num != 0) {
+        e = &elts[elt_num - 1];
+
+        /* TODO: need to be replaced by atomic test. */
+
+        if (e->key_hash == fhq->key_hash &&
+            fhq->proto->test(fhq, e->value) == NJS_OK)
+        {
+            fhq->value = e->value;
+            return NJS_OK;
+        }
+
+        elt_num = e->next_elt;
+    }
+
+    return NJS_DECLINED;
+}
+
+
+njs_int_t
+njs_flathsh_insert(njs_flathsh_t *fh, njs_flathsh_query_t *fhq)
+{
+    void                 *tmp;
+    njs_int_t            cell_num, elt_num;
+    njs_flathsh_elt_t    *elt, *elts;
+    njs_flathsh_descr_t  *h;
+
+    h = fh->slot;
+
+    if (h == NULL) {
+        h = njs_flathsh_new(fhq);
+        if (h == NULL) {
+            return NJS_ERROR;
+        }
+
+        fh->slot = h;
+    }
+
+    cell_num = fhq->key_hash & h->hash_mask;
+    elt_num = njs_hash_cells_end(h)[-cell_num - 1];
+    elts = njs_hash_elts(h);
+
+    while (elt_num != 0) {
+        elt = &elts[elt_num - 1];
+
+        /* TODO: need to be replaced by atomic test. */
+
+        if (elt->key_hash == fhq->key_hash &&
+            fhq->proto->test(fhq, elt->value) == NJS_OK)
+        {
+            if (fhq->replace) {
+                tmp = fhq->value;
+                fhq->value = elt->value;
+                elt->value = tmp;
+
+                return NJS_OK;
+
+            } else {
+                fhq->value = elt->value;
+
+                return NJS_DECLINED;
+            }
+        }
+
+        elt_num = elt->next_elt;
+    }
+
+    elt = njs_flathsh_add_elt(fh, fhq);
+    if (elt == NULL) {
+        return NJS_ERROR;
+    }
+
+    elt->value = fhq->value;
+
+    return NJS_OK;
+}
+
+
+static njs_flathsh_descr_t *
+njs_shrink_elts(njs_flathsh_query_t *fhq, njs_flathsh_descr_t *h)
+{
+    void                 *chunk;
+    njs_int_t            cell_num;
+    uint32_t             i, j, new_hash_size, new_hash_mask, new_elts_size;
+    njs_flathsh_elt_t    *elt, *elt_src;
+    njs_flathsh_descr_t  *h_src;
+
+    new_elts_size = njs_max(NJS_FLATHSH_ELTS_INITIAL_SIZE,
+                            h->elts_count - h->elts_deleted_count);
+
+    njs_assert(new_elts_size <= h->elts_size);
+
+    new_hash_size = h->hash_mask + 1;
+    while ((new_hash_size / 2) >= new_elts_size) {
+        new_hash_size = new_hash_size / 2;
+    }
+
+    new_hash_mask = new_hash_size - 1;
+
+    h_src = h;
+    chunk = njs_flathsh_malloc(fhq, njs_flathsh_chunk_size(new_hash_size,
+                                                           new_elts_size));
+    if (njs_slow_path(chunk == NULL)) {
+        return NULL;
+    }
+
+    h = njs_flathsh_descr(chunk, new_hash_size);
+    memcpy(h, h_src, sizeof(njs_flathsh_descr_t));
+
+    njs_memzero(njs_hash_cells_end(h) - new_hash_size,
+                sizeof(uint32_t) * new_hash_size);
+
+    elt_src = njs_hash_elts(h_src);
+    for (i = 0, j = 0, elt = njs_hash_elts(h); i < h->elts_count; i++) {
+        if (elt_src->value != NULL) {
+            elt->value = elt_src->value;
+            elt->key_hash = elt_src->key_hash;
+
+            cell_num = elt_src->key_hash & new_hash_mask;
+            elt->next_elt = njs_hash_cells_end(h)[-cell_num - 1];
+            njs_hash_cells_end(h)[-cell_num - 1] = j + 1;
+            j++;
+            elt++;
+        }
+
+        elt_src++;
+    }
+
+    njs_assert(j == (h->elts_count - h->elts_deleted_count));
+
+    h->hash_mask = new_hash_mask;
+    h->elts_size = new_elts_size;
+    h->elts_deleted_count = 0;
+    h->elts_count = j;
+
+    njs_flathsh_free(fhq, njs_flathsh_chunk(h_src));
+
+    return h;
+}
+
+
+njs_int_t
+njs_flathsh_delete(njs_flathsh_t *fh, njs_flathsh_query_t *fhq)
+{
+    njs_int_t            cell_num, elt_num;
+    njs_flathsh_elt_t    *elt, *elt_prev, *elts;
+    njs_flathsh_descr_t  *h;
+
+    h = fh->slot;
+
+    if (njs_slow_path(h == NULL)) {
+        return NJS_DECLINED;
+    }
+
+    cell_num = fhq->key_hash & h->hash_mask;
+    elt_num = njs_hash_cells_end(h)[-cell_num - 1];
+    elts = njs_hash_elts(h);
+    elt_prev = NULL;
+
+    while (elt_num != 0) {
+        elt = &elts[elt_num - 1];
+
+        /* TODO: use atomic comparision. */
+
+        if (elt->key_hash == fhq->key_hash &&
+            fhq->proto->test(fhq, elt->value) == NJS_OK)
+        {
+            fhq->value = elt->value;
+
+            if (elt_prev != NULL) {
+                elt_prev->next_elt = elt->next_elt;
+
+            } else {
+                njs_hash_cells_end(h)[-cell_num - 1] = elt->next_elt;
+            }
+
+            h->elts_deleted_count++;
+
+            elt->value = NULL;
+
+            /* Shrink elts if elts_deleted_count is eligible. */
+
+            if (h->elts_deleted_count >= NJS_FLATHSH_ELTS_MINIMUM_TO_SHRINK
+                && h->elts_deleted_count
+                   >= (h->elts_count / NJS_FLATHSH_ELTS_FRACTION_TO_SHRINK))
+            {
+                h = njs_shrink_elts(fhq, h);
+                if (njs_slow_path(h == NULL)) {
+                    return NJS_ERROR;
+                }
+
+                fh->slot = h;
+            }
+
+            if (h->elts_deleted_count == h->elts_count) {
+                njs_flathsh_free(fhq, njs_flathsh_chunk(h));
+                fh->slot = NULL;
+            }
+
+            return NJS_OK;
+        }
+
+        elt_prev = elt;
+        elt_num = elt->next_elt;
+    }
+
+    return NJS_DECLINED;
+}
+
+
+void *
+njs_flathsh_each(const njs_flathsh_t *fh, njs_flathsh_each_t *fhe)
+{
+    void                 *v;
+    njs_flathsh_elt_t    *elt;
+    njs_flathsh_descr_t  *h;
+
+    h = fh->slot;
+    if (njs_slow_path(h == NULL)) {
+        return NULL;
+    }
+
+    elt = njs_hash_elts(h);
+
+    while (fhe->cp < h->elts_count) {
+        v = elt[fhe->cp++].value;
+        if (v != NULL) {
+            return v;
+        }
+    }
+
+    return NULL;
+}
diff -r c0f581b26e84 -r c7d2a7846b0b src/njs_flathsh.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/njs_flathsh.h	Wed Aug 30 12:06:12 2023 -0700
@@ -0,0 +1,156 @@
+
+/*
+ * Copyright (C) NGINX, Inc.
+ */
+
+#ifndef _NJS_FLATHSH_H_INCLUDED_
+#define _NJS_FLATHSH_H_INCLUDED_
+
+
+typedef struct {
+    void         *slot;
+} njs_flathsh_t;
+
+
+typedef struct {
+    uint32_t     next_elt;
+    uint32_t     key_hash;
+    void         *value;
+} njs_flathsh_elt_t;
+
+
+typedef struct njs_flathsh_descr_s  njs_flathsh_descr_t;
+typedef struct njs_flathsh_query_s  njs_flathsh_query_t;
+
+typedef njs_int_t (*njs_flathsh_test_t)(njs_flathsh_query_t *fhq, void *data);
+typedef void *(*njs_flathsh_alloc_t)(void *ctx, size_t size);
+typedef void (*njs_flathsh_free_t)(void *ctx, void *p, size_t size);
+
+typedef struct njs_flathsh_proto_s  njs_flathsh_proto_t;
+
+
+struct njs_flathsh_proto_s {
+    uint32_t                   not_used;
+    njs_flathsh_test_t         test;
+    njs_flathsh_alloc_t        alloc;
+    njs_flathsh_free_t         free;
+};
+
+
+struct njs_flathsh_query_s {
+    uint32_t                   key_hash;
+    njs_str_t                  key;
+
+    uint8_t                    replace;     /* 1 bit */
+    void                       *value;
+
+    const njs_flathsh_proto_t  *proto;
+    void                       *pool;
+
+    /* Opaque data passed for the test function. */
+    void                       *data;
+};
+
+
+#define njs_flathsh_is_empty(fh)                                               \
+    ((fh)->slot == NULL)
+
+
+#define njs_flathsh_init(fh)                                                   \
+    (fh)->slot = NULL
+
+
+#define njs_flathsh_eq(fhl, fhr)                                               \
+    ((fhl)->slot == (fhr)->slot)
+
+
+/*
+ * njs_flathsh_find() finds a hash element.  If the element has been
+ * found then it is stored in the fhq->value and njs_flathsh_find()
+ * returns NJS_OK.  Otherwise NJS_DECLINED is returned.
+ *
+ * The required njs_flathsh_query_t fields: key_hash, key, proto.
+ */
+NJS_EXPORT njs_int_t njs_flathsh_find(const njs_flathsh_t *fh,
+    njs_flathsh_query_t *fhq);
+
+/*
+ * njs_flathsh_insert() adds a hash element.  If the element is already
+ * present in flathsh and the fhq->replace flag is zero, then fhq->value
+ * is updated with the old element and NJS_DECLINED is returned.
+ * If the element is already present in flathsh and the fhq->replace flag
+ * is non-zero, then the old element is replaced with the new element.
+ * fhq->value is updated with the old element, and NJS_OK is returned.
+ * If the element is not present in flathsh, then it is inserted and
+ * NJS_OK is returned.  The fhq->value is not changed.
+ * On memory allocation failure NJS_ERROR is returned.
+ *
+ * The required njs_flathsh_query_t fields: key_hash, key, proto, replace,
+ * value.
+ * The optional njs_flathsh_query_t fields: pool.
+ */
+NJS_EXPORT njs_int_t njs_flathsh_insert(njs_flathsh_t *fh,
+    njs_flathsh_query_t *fhq);
+
+/*
+ * njs_flathsh_delete() deletes a hash element.  If the element has been
+ * found then it is removed from flathsh and is stored in the fhq->value,
+ * and NJS_OK is returned.  Otherwise NJS_DECLINED is returned.
+ *
+ * The required njs_flathsh_query_t fields: key_hash, key, proto.
+ * The optional njs_flathsh_query_t fields: pool.
+ */
+NJS_EXPORT njs_int_t njs_flathsh_delete(njs_flathsh_t *fh,
+    njs_flathsh_query_t *fhq);
+
+
+typedef struct {
+    const njs_flathsh_proto_t  *proto;
+    uint32_t                   key_hash;
+    uint32_t                   cp;
+} njs_flathsh_each_t;
+

From xeioex at nginx.com  Thu Aug 31 04:01:40 2023
From: xeioex at nginx.com (Dmitry Volyntsev)
Date: Thu, 31 Aug 2023 04:01:40 +0000
Subject: [njs] Modules: fixed size() and keys() methods of a shared dictionary.
Message-ID: <hg.3fe16507f80a.1693454500.5965299922797593991@dev.nginx>

details:   https://hg.nginx.org/njs/rev/3fe16507f80a
branches:  
changeset: 2187:3fe16507f80a
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Wed Aug 30 18:59:28 2023 -0700
description:
Modules: fixed size() and keys() methods of a shared dictionary.

Previously, these methods did not take into the account exprired
entries. The expired entries appear in js_shared_dict_zone when timeout
directive is specified as the expired elements are not removed at the
moment they become stale right away.

This closes #665 issue on Github.

diffstat:

 nginx/ngx_js_shared_dict.c |  16 +++++++++++++
 nginx/t/js_shared_dict.t   |  54 ++++++++++++++++++++++++++++++++++++++++-----
 2 files changed, 64 insertions(+), 6 deletions(-)

diffs (149 lines):

diff -r c7d2a7846b0b -r 3fe16507f80a nginx/ngx_js_shared_dict.c
--- a/nginx/ngx_js_shared_dict.c	Wed Aug 30 12:06:12 2023 -0700
+++ b/nginx/ngx_js_shared_dict.c	Wed Aug 30 18:59:28 2023 -0700
@@ -599,6 +599,8 @@ njs_js_ext_shared_dict_keys(njs_vm_t *vm
 {
     njs_int_t            rc;
     ngx_int_t            max_count;
+    ngx_msec_t           now;
+    ngx_time_t          *tp;
     njs_value_t         *value;
     ngx_rbtree_t        *rbtree;
     ngx_js_dict_t       *dict;
@@ -630,6 +632,12 @@ njs_js_ext_shared_dict_keys(njs_vm_t *vm
 
     ngx_rwlock_rlock(&dict->sh->rwlock);
 
+    if (dict->timeout) {
+        tp = ngx_timeofday();
+        now = tp->sec * 1000 + tp->msec;
+        ngx_js_dict_expire(dict, now);
+    }
+
     rbtree = &dict->sh->rbtree;
 
     if (rbtree->root == rbtree->sentinel) {
@@ -835,6 +843,8 @@ njs_js_ext_shared_dict_size(njs_vm_t *vm
     njs_index_t unused, njs_value_t *retval)
 {
     njs_int_t           items;
+    ngx_msec_t          now;
+    ngx_time_t         *tp;
     ngx_rbtree_t       *rbtree;
     ngx_js_dict_t      *dict;
     ngx_shm_zone_t     *shm_zone;
@@ -851,6 +861,12 @@ njs_js_ext_shared_dict_size(njs_vm_t *vm
 
     ngx_rwlock_rlock(&dict->sh->rwlock);
 
+    if (dict->timeout) {
+        tp = ngx_timeofday();
+        now = tp->sec * 1000 + tp->msec;
+        ngx_js_dict_expire(dict, now);
+    }
+
     rbtree = &dict->sh->rbtree;
 
     if (rbtree->root == rbtree->sentinel) {
diff -r c7d2a7846b0b -r 3fe16507f80a nginx/t/js_shared_dict.t
--- a/nginx/t/js_shared_dict.t	Wed Aug 30 12:06:12 2023 -0700
+++ b/nginx/t/js_shared_dict.t	Wed Aug 30 18:59:28 2023 -0700
@@ -46,6 +46,10 @@ http {
         listen       127.0.0.1:8080;
         server_name  localhost;
 
+        location /njs {
+            js_content test.njs;
+        }
+
         location /add {
             js_content test.add;
         }
@@ -115,6 +119,10 @@ http {
 EOF
 
 $t->write_file('test.js', <<'EOF');
+    function test_njs(r) {
+        r.return(200, njs.version);
+    }
+
     function convertToValue(dict, v) {
         if (dict.type == 'number') {
             return parseInt(v);
@@ -197,7 +205,7 @@ EOF
             ks = ngx.shared[r.args.dict].keys();
         }
 
-        r.return(200, ks.toSorted());
+        r.return(200, `[${ks.toSorted()}]`);
     }
 
     function name(r) {
@@ -239,10 +247,11 @@ EOF
     }
 
     export default { add, capacity, chain, clear, del, free_space, get, has,
-                     incr, keys, name, pop, replace, set, size, zones };
+                     incr, keys, name, njs: test_njs, pop, replace, set, size,
+                     zones };
 EOF
 
-$t->try_run('no js_shared_dict_zone')->plan(38);
+$t->try_run('no js_shared_dict_zone')->plan(41);
 
 ###############################################################################
 
@@ -274,8 +283,9 @@ like(http_get('/has?dict=waka&key=FOO'),
 
 $t->reload();
 
-like(http_get('/keys?dict=foo'), qr/FOO\,FOO2\,FOO3/, 'foo keys');
-like(http_get('/keys?dict=foo&max=2'), qr/FOO\,FOO3/, 'foo keys max 2');
+like(http_get('/keys?dict=foo'), qr/\[FOO\,FOO2\,FOO3]/, 'foo keys');
+like(http_get('/keys?dict=foo&max=2'), qr/\[FOO\,FOO3]/, 'foo keys max 2');
+like(http_get('/size?dict=foo'), qr/size: 3/, 'no of items in foo');
 like(http_get('/get?dict=foo&key=FOO2'), qr/yyy/, 'get foo.FOO2');
 like(http_get('/get?dict=bar&key=FOO'), qr/zzz/, 'get bar.FOO');
 like(http_get('/get?dict=foo&key=FOO'), qr/xxx/, 'get foo.FOO');
@@ -292,8 +302,40 @@ select undef, undef, undef, 2.1;
 
 like(http_get('/get?dict=foo&key=FOO'), qr/undefined/, 'get expired foo.FOO');
 like(http_get('/pop?dict=foo&key=FOO'), qr/undefined/, 'pop expired foo.FOO');
-like(http_get('/size?dict=foo'), qr/size: 2/, 'no of items in foo');
+
+TODO: {
+local $TODO = 'not yet' unless has_version('0.8.1');
+
+like(http_get('/keys?dict=foo'), qr/\[]/, 'foo keys after expire');
+like(http_get('/keys?dict=bar'), qr/\[FOO\,FOO2]/, 'bar keys after a delay');
+like(http_get('/size?dict=foo'), qr/size: 0/,
+	'no of items in foo after expire');
+
+}
+
 like(http_get('/pop?dict=bar&key=FOO'), qr/zzz/, 'pop bar.FOO');
 like(http_get('/pop?dict=bar&key=FOO'), qr/undefined/, 'pop deleted bar.FOO');
+http_get('/set?dict=foo&key=BAR&value=xxx');
 like(http_get('/clear?dict=foo'), qr/undefined/, 'clear foo');
 like(http_get('/size?dict=foo'), qr/size: 0/, 'no of items in foo after clear');
+
+###############################################################################
+
+sub has_version {
+	my $need = shift;
+
+	http_get('/njs') =~ /^([.0-9]+)$/m;
+
+	my @v = split(/\./, $1);
+	my ($n, $v);
+
+	for $n (split(/\./, $need)) {
+		$v = shift @v || 0;
+		return 0 if $n > $v;
+		return 1 if $v > $n;
+	}
+
+	return 1;
+}
+
+###############################################################################

From xeioex at nginx.com  Thu Aug 31 04:01:42 2023
From: xeioex at nginx.com (Dmitry Volyntsev)
Date: Thu, 31 Aug 2023 04:01:42 +0000
Subject: [njs] Fixed js_periodic handler stopping after graceful shutdown.
Message-ID: <hg.77bdb1e544da.1693454502.5965299922797593991@dev.nginx>

details:   https://hg.nginx.org/njs/rev/77bdb1e544da
branches:  
changeset: 2188:77bdb1e544da
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Wed Aug 30 20:59:11 2023 -0700
description:
Fixed js_periodic handler stopping after graceful shutdown.

The issue was introduced in f1bd0b1db065.

diffstat:

 nginx/ngx_http_js_module.c   |  4 ++++
 nginx/ngx_stream_js_module.c |  4 ++++
 2 files changed, 8 insertions(+), 0 deletions(-)

diffs (28 lines):

diff -r 3fe16507f80a -r 77bdb1e544da nginx/ngx_http_js_module.c
--- a/nginx/ngx_http_js_module.c	Wed Aug 30 18:59:28 2023 -0700
+++ b/nginx/ngx_http_js_module.c	Wed Aug 30 20:59:11 2023 -0700
@@ -4102,6 +4102,10 @@ ngx_http_js_periodic_handler(ngx_event_t
     ngx_http_request_t     *r;
     ngx_http_connection_t   hc;
 
+    if (ngx_terminate || ngx_exiting) {
+        return;
+    }
+
     periodic = ev->data;
 
     timer = periodic->interval;
diff -r 3fe16507f80a -r 77bdb1e544da nginx/ngx_stream_js_module.c
--- a/nginx/ngx_stream_js_module.c	Wed Aug 30 18:59:28 2023 -0700
+++ b/nginx/ngx_stream_js_module.c	Wed Aug 30 20:59:11 2023 -0700
@@ -1815,6 +1815,10 @@ ngx_stream_js_periodic_handler(ngx_event
     ngx_stream_session_t         *s;
     ngx_stream_core_main_conf_t  *cmcf;
 
+    if (ngx_terminate || ngx_exiting) {
+        return;
+    }
+
     periodic = ev->data;
 
     timer = periodic->interval;

From arut at nginx.com  Thu Aug 31 06:57:52 2023
From: arut at nginx.com (=?iso-8859-1?q?Roman_Arutyunyan?=)
Date: Thu, 31 Aug 2023 10:57:52 +0400
Subject: [PATCH] QUIC: ignore path validation socket error (ticket #2532)
Message-ID: <adbd3952c349298117b9.1693465072@arut-laptop>

# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1693464847 -14400
#      Thu Aug 31 10:54:07 2023 +0400
# Node ID adbd3952c349298117b99e71f4e484ff675b1ab7
# Parent  e05bbba2b901a543ed6e627f91a738e06b6ed43b
QUIC: ignore path validation socket error (ticket #2532).

Previously, a socket error on a path being validated resulted in validation
error and subsequent QUIC connection closure.  Now the error is ignored and
path validation proceeds as usual, with several retries and a timeout.

When validating the old path after an apparent migration, that path may already
be unavailable and sendmsg() may return an error, which should not result in
QUIC connection close.

When validating the new path, it's possible that the new client address is
spoofed (See RFC 9000, 9.3.2. On-Path Address Spoofing).  This address may
as well be unavailable and should not trigger QUIC connection closure.

diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c
+++ b/src/event/quic/ngx_event_quic_migration.c
@@ -518,9 +518,7 @@ ngx_quic_validate_path(ngx_connection_t 
         return NGX_ERROR;
     }
 
-    if (ngx_quic_send_path_challenge(c, path) != NGX_OK) {
-        return NGX_ERROR;
-    }
+    (void) ngx_quic_send_path_challenge(c, path);
 
     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
     pto = ngx_max(ngx_quic_pto(c, ctx), 1000);

From pluknet at nginx.com  Thu Aug 31 08:34:56 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 31 Aug 2023 12:34:56 +0400
Subject: [PATCH] QUIC: ignore path validation socket error (ticket #2532)
In-Reply-To: <adbd3952c349298117b9.1693465072@arut-laptop>
References: <adbd3952c349298117b9.1693465072@arut-laptop>
Message-ID: <D0F0E6EF-8466-4B72-BFF7-4793ED741D2F@nginx.com>


> On 31 Aug 2023, at 10:57, Roman Arutyunyan <arut at nginx.com> wrote:
> 
> # HG changeset patch
> # User Roman Arutyunyan <arut at nginx.com>
> # Date 1693464847 -14400
> #      Thu Aug 31 10:54:07 2023 +0400
> # Node ID adbd3952c349298117b99e71f4e484ff675b1ab7
> # Parent  e05bbba2b901a543ed6e627f91a738e06b6ed43b
> QUIC: ignore path validation socket error (ticket #2532).
> 
> 

Looks good.

[..]

-- 
Sergey Kandaurov

From pluknet at nginx.com  Thu Aug 31 09:51:24 2023
From: pluknet at nginx.com (=?iso-8859-1?q?Sergey_Kandaurov?=)
Date: Thu, 31 Aug 2023 13:51:24 +0400
Subject: [PATCH] QUIC: removed use of SSL_quic_read_level and
 SSL_quic_write_level
Message-ID: <015353ca1be7acc176f6.1693475484@enoparse.local>

# HG changeset patch
# User Sergey Kandaurov <pluknet at nginx.com>
# Date 1693475261 -14400
#      Thu Aug 31 13:47:41 2023 +0400
# Node ID 015353ca1be7acc176f6369ed92ec6c49975ee6a
# Parent  8f7e6d8c061e1f4b7656141d2fac85ce6846ac23
QUIC: removed use of SSL_quic_read_level and SSL_quic_write_level.

As explained in BoringSSL change[1], levels were introduced in the original
QUIC API to draw a line between when keys are released and when are active.
In the new QUIC API they are released in separate calls when it's needed.
BoringSSL has then a consideration to remove levels API, hence the change.

In most places such as feeding SSL handshake with CRYPTO payload, we already
have such information from a QUIC packet header.  If not, it is taken based
on keys availability.  The only real use of levels is to prevent using app
keys before they are active in QuicTLS that provides old BoringSSL QUIC API,
it is replaced with an equivalent check of c->ssl->handshaked.

This change also removes OpenSSL compat shims since they are no longer used.
The only exception left is keeping write level in the internal field which
is a handy equivalent of checking keys availability.

[1] https://boringssl.googlesource.com/boringssl/+/1e859054

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -509,8 +509,17 @@ ngx_quic_close_connection(ngx_connection
              *  to terminate the connection immediately.
              */
 
-            qc->error_level = c->ssl ? SSL_quic_read_level(c->ssl->connection)
-                                     : ssl_encryption_initial;
+            if (ngx_quic_keys_available(qc->keys, ssl_encryption_application)) {
+                qc->error_level = ssl_encryption_application;
+
+            } else if (ngx_quic_keys_available(qc->keys,
+                                               ssl_encryption_handshake))
+            {
+                qc->error_level = ssl_encryption_handshake;
+
+            } else {
+                qc->error_level = ssl_encryption_initial;
+            }
 
             if (qc->error == (ngx_uint_t) -1) {
                 qc->error = NGX_QUIC_ERR_INTERNAL_ERROR;
@@ -964,10 +973,7 @@ ngx_quic_handle_payload(ngx_connection_t
 #if !defined (OPENSSL_IS_BORINGSSL)
     /* OpenSSL provides read keys for an application level before it's ready */
 
-    if (pkt->level == ssl_encryption_application
-        && SSL_quic_read_level(c->ssl->connection)
-           < ssl_encryption_application)
-    {
+    if (pkt->level == ssl_encryption_application && !c->ssl->handshaked) {
         ngx_log_error(NGX_LOG_INFO, c->log, 0,
                       "quic no %s keys ready, ignoring packet",
                       ngx_quic_level_name(pkt->level));
diff --git a/src/event/quic/ngx_event_quic_openssl_compat.c b/src/event/quic/ngx_event_quic_openssl_compat.c
--- a/src/event/quic/ngx_event_quic_openssl_compat.c
+++ b/src/event/quic/ngx_event_quic_openssl_compat.c
@@ -44,7 +44,6 @@ struct ngx_quic_compat_s {
     const SSL_QUIC_METHOD        *method;
 
     enum ssl_encryption_level_t   write_level;
-    enum ssl_encryption_level_t   read_level;
 
     uint64_t                      read_record;
     ngx_quic_compat_keys_t        keys;
@@ -213,7 +212,6 @@ ngx_quic_compat_keylog_callback(const SS
 
     } else {
         com->method->set_read_secret((SSL *) ssl, level, cipher, secret, n);
-        com->read_level = level;
         com->read_record = 0;
 
         (void) ngx_quic_compat_set_encryption_secret(c->log, &com->keys, level,
@@ -583,32 +581,6 @@ ngx_quic_compat_create_record(ngx_quic_c
 }
 
 
-enum ssl_encryption_level_t
-SSL_quic_read_level(const SSL *ssl)
-{
-    ngx_connection_t       *c;
-    ngx_quic_connection_t  *qc;
-
-    c = ngx_ssl_get_connection(ssl);
-    qc = ngx_quic_get_connection(c);
-
-    return qc->compat->read_level;
-}
-
-
-enum ssl_encryption_level_t
-SSL_quic_write_level(const SSL *ssl)
-{
-    ngx_connection_t       *c;
-    ngx_quic_connection_t  *qc;
-
-    c = ngx_ssl_get_connection(ssl);
-    qc = ngx_quic_get_connection(c);
-
-    return qc->compat->write_level;
-}
-
-
 int
 SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
     size_t params_len)
diff --git a/src/event/quic/ngx_event_quic_openssl_compat.h b/src/event/quic/ngx_event_quic_openssl_compat.h
--- a/src/event/quic/ngx_event_quic_openssl_compat.h
+++ b/src/event/quic/ngx_event_quic_openssl_compat.h
@@ -48,8 +48,6 @@ ngx_int_t ngx_quic_compat_init(ngx_conf_
 int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method);
 int SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
     const uint8_t *data, size_t len);
-enum ssl_encryption_level_t SSL_quic_read_level(const SSL *ssl);
-enum ssl_encryption_level_t SSL_quic_write_level(const SSL *ssl);
 int SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
     size_t params_len);
 void SSL_get_peer_quic_transport_params(const SSL *ssl,
diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -43,7 +43,8 @@ static int ngx_quic_add_handshake_data(n
 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn);
 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn,
     enum ssl_encryption_level_t level, uint8_t alert);
-static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data);
+static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data,
+    enum ssl_encryption_level_t level);
 
 
 #if (NGX_QUIC_BORINGSSL_API)
@@ -354,7 +355,7 @@ ngx_quic_handle_crypto_frame(ngx_connect
     }
 
     if (f->offset == ctx->crypto.offset) {
-        if (ngx_quic_crypto_input(c, frame->data) != NGX_OK) {
+        if (ngx_quic_crypto_input(c, frame->data, pkt->level) != NGX_OK) {
             return NGX_ERROR;
         }
 
@@ -372,7 +373,7 @@ ngx_quic_handle_crypto_frame(ngx_connect
     cl = ngx_quic_read_buffer(c, &ctx->crypto, (uint64_t) -1);
 
     if (cl) {
-        if (ngx_quic_crypto_input(c, cl) != NGX_OK) {
+        if (ngx_quic_crypto_input(c, cl, pkt->level) != NGX_OK) {
             return NGX_ERROR;
         }
 
@@ -384,7 +385,8 @@ ngx_quic_handle_crypto_frame(ngx_connect
 
 
 static ngx_int_t
-ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data)
+ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data,
+    enum ssl_encryption_level_t level)
 {
     int                     n, sslerr;
     ngx_buf_t              *b;
@@ -397,15 +399,10 @@ ngx_quic_crypto_input(ngx_connection_t *
 
     ssl_conn = c->ssl->connection;
 
-    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
-                   "quic SSL_quic_read_level:%d SSL_quic_write_level:%d",
-                   (int) SSL_quic_read_level(ssl_conn),
-                   (int) SSL_quic_write_level(ssl_conn));
-
     for (cl = data; cl; cl = cl->next) {
         b = cl->buf;
 
-        if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn),
+        if (!SSL_provide_quic_data(ssl_conn, level,
                                    b->pos, b->last - b->pos))
         {
             ngx_ssl_error(NGX_LOG_INFO, c->log, 0,
@@ -416,11 +413,6 @@ ngx_quic_crypto_input(ngx_connection_t *
 
     n = SSL_do_handshake(ssl_conn);
 
-    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
-                   "quic SSL_quic_read_level:%d SSL_quic_write_level:%d",
-                   (int) SSL_quic_read_level(ssl_conn),
-                   (int) SSL_quic_write_level(ssl_conn));
-
     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n);
 
     if (n <= 0) {

From arut at nginx.com  Thu Aug 31 10:27:42 2023
From: arut at nginx.com (Roman Arutyunyan)
Date: Thu, 31 Aug 2023 10:27:42 +0000
Subject: [nginx] QUIC: ignore path validation socket error (ticket #2532).
Message-ID: <hg.f6b6f3dd7ca0.1693477662.6026610855610030274@dev.nginx>

details:   https://hg.nginx.org/nginx/rev/f6b6f3dd7ca0
branches:  
changeset: 9154:f6b6f3dd7ca0
user:      Roman Arutyunyan <arut at nginx.com>
date:      Thu Aug 31 10:54:07 2023 +0400
description:
QUIC: ignore path validation socket error (ticket #2532).

Previously, a socket error on a path being validated resulted in validation
error and subsequent QUIC connection closure.  Now the error is ignored and
path validation proceeds as usual, with several retries and a timeout.

When validating the old path after an apparent migration, that path may already
be unavailable and sendmsg() may return an error, which should not result in
QUIC connection close.

When validating the new path, it's possible that the new client address is
spoofed (See RFC 9000, 9.3.2. On-Path Address Spoofing).  This address may
as well be unavailable and should not trigger QUIC connection closure.

diffstat:

 src/event/quic/ngx_event_quic_migration.c |  4 +---
 1 files changed, 1 insertions(+), 3 deletions(-)

diffs (14 lines):

diff -r 8f7e6d8c061e -r f6b6f3dd7ca0 src/event/quic/ngx_event_quic_migration.c
--- a/src/event/quic/ngx_event_quic_migration.c	Wed Aug 30 11:09:21 2023 +0400
+++ b/src/event/quic/ngx_event_quic_migration.c	Thu Aug 31 10:54:07 2023 +0400
@@ -518,9 +518,7 @@ ngx_quic_validate_path(ngx_connection_t 
         return NGX_ERROR;
     }
 
-    if (ngx_quic_send_path_challenge(c, path) != NGX_OK) {
-        return NGX_ERROR;
-    }
+    (void) ngx_quic_send_path_challenge(c, path);
 
     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
     pto = ngx_max(ngx_quic_pto(c, ctx), 1000);

From pluknet at nginx.com  Thu Aug 31 14:59:46 2023
From: pluknet at nginx.com (=?iso-8859-1?q?Sergey_Kandaurov?=)
Date: Thu, 31 Aug 2023 18:59:46 +0400
Subject: [PATCH] QUIC: refined sending CONNECTION_CLOSE in various packet types
Message-ID: <358c657a4a7afef502a0.1693493986@enoparse.local>

# HG changeset patch
# User Sergey Kandaurov <pluknet at nginx.com>
# Date 1693493736 -14400
#      Thu Aug 31 18:55:36 2023 +0400
# Node ID 358c657a4a7afef502a00b9a41bddbe08f6859ae
# Parent  015353ca1be7acc176f6369ed92ec6c49975ee6a
QUIC: refined sending CONNECTION_CLOSE in various packet types.

As per RFC 9000, section 10.2.3, to ensure that peer successfully removed
packet protection, CONNECTION_CLOSE can be sent in multiple packets using
different packet protection levels.

Specifically, new logic is added to more strictly follow these rules:

- by default, the highest available level of packet protection is used;
- unless handshake is confirmed, but we have got application keys available,
  that means the client may have or may have not application keys to remove
  1-RTT packet protection; in such case, send both 1-RTT and HS packets;
- additionally, if we still have initial protection keys not yet discarded,
  which happens if the path was not yet validated by successfully removing
  Handshake packet protection, that means the client may not have handshake
  keys; in such case, send an Initial packet too.

This roughly resembles the following paragraph:

* Prior to confirming the handshake, a peer might be unable to process 1-RTT
  packets, so an endpoint SHOULD send a CONNECTION_CLOSE frame in both Handshake
  and 1-RTT packets.  A server SHOULD also send a CONNECTION_CLOSE frame in an
  Initial packet.

In practice, this change allows to avoid sending Initial packet when we know
the client has handshake keys, and fixes sending CONNECTION_CLOSE when using
QuicTLS with old QUIC API, where TLS stack releases application read keys
before handshake confirmation, sending it additionally in a Handshake packet.

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -540,8 +540,20 @@ ngx_quic_close_connection(ngx_connection
 
             (void) ngx_quic_send_cc(c);
 
-            if (qc->error_level == ssl_encryption_handshake) {
-                /* for clients that might not have handshake keys */
+            if (qc->error_level == ssl_encryption_application
+                && ngx_quic_keys_available(qc->keys,
+                                           ssl_encryption_handshake))
+            {
+                /* handshake not confirmed, client may not have app keys */
+                qc->error_level = ssl_encryption_handshake;
+                (void) ngx_quic_send_cc(c);
+            }
+
+            if (qc->error_level == ssl_encryption_handshake
+                && ngx_quic_keys_available(qc->keys,
+                                           ssl_encryption_initial))
+            {
+                /* path not validated, client may not have hs keys */
                 qc->error_level = ssl_encryption_initial;
                 (void) ngx_quic_send_cc(c);
             }

From pluknet at nginx.com  Thu Aug 31 15:02:28 2023
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Thu, 31 Aug 2023 19:02:28 +0400
Subject: [PATCH] QUIC: refined sending CONNECTION_CLOSE in various packet
 types
In-Reply-To: <358c657a4a7afef502a0.1693493986@enoparse.local>
References: <358c657a4a7afef502a0.1693493986@enoparse.local>
Message-ID: <C616CE8D-86D1-4EF2-9214-CD87C4D3BA30@nginx.com>


> On 31 Aug 2023, at 18:59, Sergey Kandaurov <pluknet at nginx.com> wrote:
> 
> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1693493736 -14400
> #      Thu Aug 31 18:55:36 2023 +0400
> # Node ID 358c657a4a7afef502a00b9a41bddbe08f6859ae
> # Parent  015353ca1be7acc176f6369ed92ec6c49975ee6a
> QUIC: refined sending CONNECTION_CLOSE in various packet types.

It may be applied irrespectively of, and should not depend on
Message-Id: <015353ca1be7acc176f6.1693475484 at enoparse.local>

-- 
Sergey Kandaurov

From v.zhestikov at f5.com  Thu Aug 31 15:26:48 2023
From: v.zhestikov at f5.com (Vadim Zhestikov)
Date: Thu, 31 Aug 2023 15:26:48 +0000
Subject: [njs] Fixed typo introduced in c7d2a7846b0b.
Message-ID: <hg.58d40fc80c52.1693495608.5965299922797593991@dev.nginx>

details:   https://hg.nginx.org/njs/rev/58d40fc80c52
branches:  
changeset: 2189:58d40fc80c52
user:      Vadim Zhestikov <v.zhestikov at f5.com>
date:      Thu Aug 31 08:24:17 2023 -0700
description:
Fixed typo introduced in c7d2a7846b0b.

Found by Coverity (CID 1542439).

diffstat:

 src/njs_object.c |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff -r 77bdb1e544da -r 58d40fc80c52 src/njs_object.c
--- a/src/njs_object.c	Wed Aug 30 20:59:11 2023 -0700
+++ b/src/njs_object.c	Thu Aug 31 08:24:17 2023 -0700
@@ -1175,7 +1175,7 @@ njs_object_own_enumerate_object(njs_vm_t
     case NJS_ENUM_VALUES:
     case NJS_ENUM_BOTH:
         items_sorted = njs_array_alloc(vm, 1, 0, NJS_ARRAY_SPARE);
-        if (njs_slow_path(items == NULL)) {
+        if (njs_slow_path(items_sorted == NULL)) {
             return NJS_ERROR;
         }
 

From artem.konev at nginx.com  Thu Aug 31 19:08:29 2023
From: artem.konev at nginx.com (=?iso-8859-1?q?Artem_Konev?=)
Date: Thu, 31 Aug 2023 20:08:29 +0100
Subject: [PATCH] Added info about the Unit 1.31.0 release
Message-ID: <9e5399c755e6d20c32a3.1693508909@gp194lpycg.station>

 xml/index.xml |  8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)


# HG changeset patch
# User Artem Konev <artem.konev at nginx.com>
# Date 1693508808 -3600
#      Thu Aug 31 20:06:48 2023 +0100
# Node ID 9e5399c755e6d20c32a3175c588b4f027b20ea23
# Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
Added info about the Unit 1.31.0 release.

diff --git a/xml/index.xml b/xml/index.xml
--- a/xml/index.xml
+++ b/xml/index.xml
@@ -7,6 +7,14 @@
 
 <news name="nginx news" link="/" lang="en">
 
+<event date="2023-08-31">
+<para>
+<link url="https://unit.nginx.org/">unit-1.31.0</link> version has been
+<link url="https://unit.nginx.org/news/2023/unit-1.31.0-released/">released</link>,
+featuring server-side WebAssembly and response header manipulation.
+</para>
+</event>
+
 <event date="2023-08-15">
 <para>
 <link doc="en/download.xml">nginx-1.25.2</link>

From ry.davis at f5.com  Thu Aug 31 20:01:18 2023
From: ry.davis at f5.com (=?iso-8859-1?q?Ryan_Davis?=)
Date: Thu, 31 Aug 2023 16:01:18 -0400
Subject: [PATCH] Minor docs fixes
Message-ID: <806e7402d63563de6e45.1693512078@C02CQ2ZCMD6R>

IyBIRyBjaGFuZ2VzZXQgcGF0Y2gKIyBVc2VyIFJ5YW4gRGF2aXMgPHJ5LmRhdmlzQGY1LmNvbT4K
IyBEYXRlIDE2OTM1MDkyNzkgMTQ0MDAKIyAgICAgIFRodSBBdWcgMzEgMTU6MTQ6MzkgMjAyMyAt
MDQwMAojIE5vZGUgSUQgODA2ZTc0MDJkNjM1NjNkZTZlNDU2MjUyMmExMDVlZjlhOWVhYjE2Ygoj
IFBhcmVudCAgNGUyNTI4MTMyOGZhMjE1MmNhZGVkYzUyZTA1ZjhhMWIxYmY1MzFjZApNaW5vciBk
b2NzIGZpeGVzCgotIGFkZCBhIG1pc3NpbmcgY2xvc2UgdGFnIHRoYXQgdHJpcHBlZCB1cCBub24t
c3RyZWFtaW5nIFhNTCBwYXJzZXJzCi0gZml4IGEgbWlzY2xhc3NpZmllZCBgbGFuZ2AgYXR0cmli
dXRlCgpkaWZmIC1yIDRlMjUyODEzMjhmYSAtciA4MDZlNzQwMmQ2MzUgeG1sL2VuL2RvY3MvaHR0
cC9uZ3hfaHR0cF9hcGlfbW9kdWxlX2hlYWQueG1sCi0tLSBhL3htbC9lbi9kb2NzL2h0dHAvbmd4
X2h0dHBfYXBpX21vZHVsZV9oZWFkLnhtbAlUdWUgQXVnIDI5IDA5OjExOjU3IDIwMjMgKzAxMDAK
KysrIGIveG1sL2VuL2RvY3MvaHR0cC9uZ3hfaHR0cF9hcGlfbW9kdWxlX2hlYWQueG1sCVRodSBB
dWcgMzEgMTU6MTQ6MzkgMjAyMyAtMDQwMApAQCAtMjk4LDMgKzI5OCw0IEBACiA8L3BhcmE+CiAK
IDwvc2VjdGlvbj4KKzwvbW9kdWxlPgpkaWZmIC1yIDRlMjUyODEzMjhmYSAtciA4MDZlNzQwMmQ2
MzUgeG1sL3J1L2RvY3MvaHR0cC9uZ3hfaHR0cF92M19tb2R1bGUueG1sCi0tLSBhL3htbC9ydS9k
b2NzL2h0dHAvbmd4X2h0dHBfdjNfbW9kdWxlLnhtbAlUdWUgQXVnIDI5IDA5OjExOjU3IDIwMjMg
KzAxMDAKKysrIGIveG1sL3J1L2RvY3MvaHR0cC9uZ3hfaHR0cF92M19tb2R1bGUueG1sCVRodSBB
dWcgMzEgMTU6MTQ6MzkgMjAyMyAtMDQwMApAQCAtOCw3ICs4LDcgQEAKIAogPG1vZHVsZSBuYW1l
PSLQnNC+0LTRg9C70Ywgbmd4X2h0dHBfdjNfbW9kdWxlIgogICAgICAgICBsaW5rPSIvcnUvZG9j
cy9odHRwL25neF9odHRwX3YzX21vZHVsZS5odG1sIgotICAgICAgICBsYW5nPSJlbiIKKyAgICAg
ICAgbGFuZz0icnUiCiAgICAgICAgIHJldj0iMiI+CiAKIDxzZWN0aW9uIGlkPSJzdW1tYXJ5Ij4K

From: ry.davis at f5.com
Bcc:
Return-Path: ry.davis at f5.com
Message-ID: <SV5CCPRLYAPP01fEAkq0001c4ed at sv5ccprlyapp01.olympus.F5Net.com>
X-OriginalArrivalTime: 31 Aug 2023 20:01:23.0377 (UTC) FILETIME=[EAC4F210:01D9DC45]
Date: 31 Aug 2023 13:01:23 -0700

From ry.davis at f5.com  Thu Aug 31 20:31:34 2023
From: ry.davis at f5.com (Ryan Davis)
Date: Thu, 31 Aug 2023 20:31:34 +0000
Subject: [PATCH] Minor docs fixes
In-Reply-To: <806e7402d63563de6e45.1693512078@C02CQ2ZCMD6R>
References: <806e7402d63563de6e45.1693512078@C02CQ2ZCMD6R>
Message-ID: <BYAPR01MB4792D5698DB362DD0E7240E7AAE5A@BYAPR01MB4792.prod.exchangelabs.com>

Apologies, the corporate SMTP server is doing something unexpected.

[signature_1339016812]<https://www.nginx.com/>
Ryan Davis | Sr Software Engineer


From: nginx-devel <nginx-devel-bounces at nginx.org> on behalf of Ryan Davis via nginx-devel <nginx-devel at nginx.org>
Date: Thursday, August 31, 2023 at 4:01 PM
To: nginx-devel at nginx.org <nginx-devel at nginx.org>
Cc: Ryan Davis <ry.davis at f5.com>
Subject: [PATCH] Minor docs fixes
EXTERNAL MAIL: nginx-devel-bounces at nginx.org

IyBIRyBjaGFuZ2VzZXQgcGF0Y2gKIyBVc2VyIFJ5YW4gRGF2aXMgPHJ5LmRhdmlzQGY1LmNvbT4K
IyBEYXRlIDE2OTM1MDkyNzkgMTQ0MDAKIyAgICAgIFRodSBBdWcgMzEgMTU6MTQ6MzkgMjAyMyAt
MDQwMAojIE5vZGUgSUQgODA2ZTc0MDJkNjM1NjNkZTZlNDU2MjUyMmExMDVlZjlhOWVhYjE2Ygoj
IFBhcmVudCAgNGUyNTI4MTMyOGZhMjE1MmNhZGVkYzUyZTA1ZjhhMWIxYmY1MzFjZApNaW5vciBk
b2NzIGZpeGVzCgotIGFkZCBhIG1pc3NpbmcgY2xvc2UgdGFnIHRoYXQgdHJpcHBlZCB1cCBub24t
c3RyZWFtaW5nIFhNTCBwYXJzZXJzCi0gZml4IGEgbWlzY2xhc3NpZmllZCBgbGFuZ2AgYXR0cmli
dXRlCgpkaWZmIC1yIDRlMjUyODEzMjhmYSAtciA4MDZlNzQwMmQ2MzUgeG1sL2VuL2RvY3MvaHR0
cC9uZ3hfaHR0cF9hcGlfbW9kdWxlX2hlYWQueG1sCi0tLSBhL3htbC9lbi9kb2NzL2h0dHAvbmd4
X2h0dHBfYXBpX21vZHVsZV9oZWFkLnhtbAlUdWUgQXVnIDI5IDA5OjExOjU3IDIwMjMgKzAxMDAK
KysrIGIveG1sL2VuL2RvY3MvaHR0cC9uZ3hfaHR0cF9hcGlfbW9kdWxlX2hlYWQueG1sCVRodSBB
dWcgMzEgMTU6MTQ6MzkgMjAyMyAtMDQwMApAQCAtMjk4LDMgKzI5OCw0IEBACiA8L3BhcmE+CiAK
IDwvc2VjdGlvbj4KKzwvbW9kdWxlPgpkaWZmIC1yIDRlMjUyODEzMjhmYSAtciA4MDZlNzQwMmQ2
MzUgeG1sL3J1L2RvY3MvaHR0cC9uZ3hfaHR0cF92M19tb2R1bGUueG1sCi0tLSBhL3htbC9ydS9k
b2NzL2h0dHAvbmd4X2h0dHBfdjNfbW9kdWxlLnhtbAlUdWUgQXVnIDI5IDA5OjExOjU3IDIwMjMg
KzAxMDAKKysrIGIveG1sL3J1L2RvY3MvaHR0cC9uZ3hfaHR0cF92M19tb2R1bGUueG1sCVRodSBB
dWcgMzEgMTU6MTQ6MzkgMjAyMyAtMDQwMApAQCAtOCw3ICs4LDcgQEAKIAogPG1vZHVsZSBuYW1l
PSLQnNC+0LTRg9C70Ywgbmd4X2h0dHBfdjNfbW9kdWxlIgogICAgICAgICBsaW5rPSIvcnUvZG9j
cy9odHRwL25neF9odHRwX3YzX21vZHVsZS5odG1sIgotICAgICAgICBsYW5nPSJlbiIKKyAgICAg
ICAgbGFuZz0icnUiCiAgICAgICAgIHJldj0iMiI+CiAKIDxzZWN0aW9uIGlkPSJzdW1tYXJ5Ij4K

From: ry.davis at f5.com
Bcc:
Return-Path: ry.davis at f5.com
Message-ID: <SV5CCPRLYAPP01fEAkq0001c4ed at sv5ccprlyapp01.olympus.F5Net.com>
X-OriginalArrivalTime: 31 Aug 2023 20:01:23.0377 (UTC) FILETIME=[EAC4F210:01D9DC45]
Date: 31 Aug 2023 13:01:23 -0700
_______________________________________________
nginx-devel mailing list
nginx-devel at nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20230831/c182c7b6/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 7040 bytes
Desc: image001.png
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20230831/c182c7b6/attachment-0001.png>

From osa at freebsd.org.ru  Thu Aug 31 20:43:05 2023
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Thu, 31 Aug 2023 23:43:05 +0300
Subject: [PATCH] Minor docs fixes
In-Reply-To: <BYAPR01MB4792D5698DB362DD0E7240E7AAE5A@BYAPR01MB4792.prod.exchangelabs.com>
References: <806e7402d63563de6e45.1693512078@C02CQ2ZCMD6R>
 <BYAPR01MB4792D5698DB362DD0E7240E7AAE5A@BYAPR01MB4792.prod.exchangelabs.com>
Message-ID: <ZPD7WaKhmtRg5Xz-@FreeBSD.org.ru>

Hi,

here's the patch from Ryan.

On Thu, Aug 31, 2023 at 08:31:34PM +0000, Ryan Davis via nginx-devel wrote:
> Apologies, the corporate SMTP server is doing something unexpected.

# HG changeset patch
# User Ryan Davis <ry.davis at f5.com>
# Date 1693509279 14400
#      Thu Aug 31 15:14:39 2023 -0400
# Node ID 31eebaba6f8d4973c35c40f3da69c9d9fe598438
# Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
Minor docs fixes

- add a missing close tag that tripped up non-streaming XML parsers
- fix a misclassified `lang` attribute

diff -r 4e25281328fa -r 31eebaba6f8d xml/en/docs/http/ngx_http_api_module_head.xml
--- a/xml/en/docs/http/ngx_http_api_module_head.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/en/docs/http/ngx_http_api_module_head.xml	Thu Aug 31 15:14:39 2023 -0400
@@ -9,7 +9,7 @@
 <module name="Module ngx_http_api_module"
         link="/en/docs/http/ngx_http_api_module.html"
         lang="en"
-        rev="3">
+        rev="4">
 
 <section id="summary">
 
@@ -298,3 +298,4 @@
 </para>
 
 </section>
+</module>
diff -r 4e25281328fa -r 31eebaba6f8d xml/ru/docs/http/ngx_http_v3_module.xml
--- a/xml/ru/docs/http/ngx_http_v3_module.xml	Tue Aug 29 09:11:57 2023 +0100
+++ b/xml/ru/docs/http/ngx_http_v3_module.xml	Thu Aug 31 15:14:39 2023 -0400
@@ -8,8 +8,8 @@
 
 <module name="Модуль ngx_http_v3_module"
         link="/ru/docs/http/ngx_http_v3_module.html"
-        lang="en"
-        rev="2">
+        lang="ru"
+        rev="3">
 
 <section id="summary">
 

-- 
Sergey A. Osokin

From yar at nginx.com  Thu Aug 31 21:01:12 2023
From: yar at nginx.com (Yaroslav Zhuravlev)
Date: Thu, 31 Aug 2023 22:01:12 +0100
Subject: [PATCH] Added info about the Unit 1.31.0 release
In-Reply-To: <9e5399c755e6d20c32a3.1693508909@gp194lpycg.station>
References: <9e5399c755e6d20c32a3.1693508909@gp194lpycg.station>
Message-ID: <33942FC4-28F6-4629-9C14-59B4284C80F0@nginx.com>



> On 31 Aug 2023, at 20:08, Artem Konev <artem.konev at nginx.com> wrote:
> 
> xml/index.xml |  8 ++++++++
> 1 files changed, 8 insertions(+), 0 deletions(-)
> 
> 
> # HG changeset patch
> # User Artem Konev <artem.konev at nginx.com>
> # Date 1693508808 -3600
> #      Thu Aug 31 20:06:48 2023 +0100
> # Node ID 9e5399c755e6d20c32a3175c588b4f027b20ea23
> # Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
> Added info about the Unit 1.31.0 release.
> 
> diff --git a/xml/index.xml b/xml/index.xml
> --- a/xml/index.xml
> +++ b/xml/index.xml
> @@ -7,6 +7,14 @@
> 
> <news name="nginx news" link="/" lang="en">
> 
> +<event date="2023-08-31">
> +<para>
> +<link url="https://unit.nginx.org/">unit-1.31.0</link> version has been
> +<link url="https://unit.nginx.org/news/2023/unit-1.31.0-released/">released</link>,
> +featuring server-side WebAssembly and response header manipulation.
> +</para>
> +</event>
> +
> <event date="2023-08-15">
> <para>
> <link doc="en/download.xml">nginx-1.25.2</link>

Looks good

> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel

From yar at nginx.com  Thu Aug 31 21:25:41 2023
From: yar at nginx.com (Yaroslav Zhuravlev)
Date: Thu, 31 Aug 2023 22:25:41 +0100
Subject: [PATCH] Minor docs fixes
In-Reply-To: <ZPD7WaKhmtRg5Xz-@FreeBSD.org.ru>
References: <806e7402d63563de6e45.1693512078@C02CQ2ZCMD6R>
 <BYAPR01MB4792D5698DB362DD0E7240E7AAE5A@BYAPR01MB4792.prod.exchangelabs.com>
 <ZPD7WaKhmtRg5Xz-@FreeBSD.org.ru>
Message-ID: <F8301CBE-B94A-465C-8C0A-586165BE9D1F@nginx.com>

Hi, 

> On 31 Aug 2023, at 21:43, Sergey A. Osokin <osa at freebsd.org.ru> wrote:
> 
> Hi,
> 
> here's the patch from Ryan.
> 
> On Thu, Aug 31, 2023 at 08:31:34PM +0000, Ryan Davis via nginx-devel wrote:
>> Apologies, the corporate SMTP server is doing something unexpected.
> 
> # HG changeset patch
> # User Ryan Davis <ry.davis at f5.com>
> # Date 1693509279 14400
> #      Thu Aug 31 15:14:39 2023 -0400
> # Node ID 31eebaba6f8d4973c35c40f3da69c9d9fe598438
> # Parent  4e25281328fa2152cadedc52e05f8a1b1bf531cd
> Minor docs fixes

Perhaps a more descriptive commit log would be better, e.g. 
"Fixed lang attribute, added module closing tag."

> 
> - add a missing close tag that tripped up non-streaming XML parsers
> - fix a misclassified `lang` attribute
> 
> diff -r 4e25281328fa -r 31eebaba6f8d xml/en/docs/http/ngx_http_api_module_head.xml
> --- a/xml/en/docs/http/ngx_http_api_module_head.xml Tue Aug 29 09:11:57 2023 +0100
> +++ b/xml/en/docs/http/ngx_http_api_module_head.xml Thu Aug 31 15:14:39 2023 -0400
> @@ -9,7 +9,7 @@
> <module name="Module ngx_http_api_module"
>         link="/en/docs/http/ngx_http_api_module.html"
>         lang="en"
> -        rev="3">
> +        rev="4">
> 
> <section id="summary">
> 
> @@ -298,3 +298,4 @@
> </para>
> 
> </section>

Blank line missing between section and module tags.

> +</module>
> diff -r 4e25281328fa -r 31eebaba6f8d xml/ru/docs/http/ngx_http_v3_module.xml
> --- a/xml/ru/docs/http/ngx_http_v3_module.xml Tue Aug 29 09:11:57 2023 +0100
> +++ b/xml/ru/docs/http/ngx_http_v3_module.xml Thu Aug 31 15:14:39 2023 -0400
> @@ -8,8 +8,8 @@
> 
> <module name="Модуль ngx_http_v3_module"
>         link="/ru/docs/http/ngx_http_v3_module.html"
> -        lang="en"
> -        rev="2">
> +        lang="ru"
> +        rev="3">

Version bump should also be applied to the En version as well as they correspond to each other.
Or it might be better not to bump the version at all here as the change is small and not content related.

> 
> <section id="summary">
> 
> 
> -- 
> Sergey A. Osokin
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel