Mercurial > hg > nginx-quic
comparison src/event/quic/ngx_event_quic.c @ 8639:b5296bd8631c quic
QUIC: Check if CID has been used in stateless reset check
Section 10.3.1 of RFC9000 requires this check.
| author | Martin Duke <m.duke@f5.com> |
|---|---|
| date | Tue, 12 Oct 2021 11:56:49 +0300 |
| parents | cbbe901c199d |
| children | c4f249d485e3 |
comparison
equal
deleted
inserted
replaced
| 8638:1ead7d64e993 | 8639:b5296bd8631c |
|---|---|
| 368 q != ngx_queue_sentinel(&qc->client_ids); | 368 q != ngx_queue_sentinel(&qc->client_ids); |
| 369 q = ngx_queue_next(q)) | 369 q = ngx_queue_next(q)) |
| 370 { | 370 { |
| 371 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); | 371 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
| 372 | 372 |
| 373 if (cid->seqnum == 0) { | 373 if (cid->seqnum == 0 || cid->refcnt == 0) { |
| 374 /* no stateless reset token in initial connection id */ | 374 /* |
| 375 * No stateless reset token in initial connection id. | |
| 376 * Don't accept a token from an unused connection id. | |
| 377 */ | |
| 375 continue; | 378 continue; |
| 376 } | 379 } |
| 377 | 380 |
| 378 /* constant time comparison */ | 381 /* constant time comparison */ |
| 379 | 382 |