Mercurial > hg > nginx-quic
changeset 8639:b5296bd8631c quic
QUIC: Check if CID has been used in stateless reset check
Section 10.3.1 of RFC9000 requires this check.
author | Martin Duke <m.duke@f5.com> |
---|---|
date | Tue, 12 Oct 2021 11:56:49 +0300 |
parents | 1ead7d64e993 |
children | c4f249d485e3 |
files | src/event/quic/ngx_event_quic.c |
diffstat | 1 files changed, 5 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic.c +++ b/src/event/quic/ngx_event_quic.c @@ -370,8 +370,11 @@ ngx_quic_process_stateless_reset(ngx_con { cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); - if (cid->seqnum == 0) { - /* no stateless reset token in initial connection id */ + if (cid->seqnum == 0 || cid->refcnt == 0) { + /* + * No stateless reset token in initial connection id. + * Don't accept a token from an unused connection id. + */ continue; }