Mercurial > hg > nginx
annotate src/event/quic/ngx_event_quic_tokens.h @ 9027:f9d7930d0eed quic
HTTP/3: skip empty request body buffers (ticket #2374).
When client DATA frame header and its content come in different QUIC packets,
it may happen that only the header is processed by the first
ngx_http_v3_request_body_filter() call. In this case an empty request body
buffer is added to r->request_body->bufs, which is later reused in a
subsequent ngx_http_v3_request_body_filter() call without being removed from
the body chain. As a result, rb->request_body->bufs ends up with two copies of
the same buffer.
The fix is to avoid adding empty request body buffers to r->request_body->bufs.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Wed, 03 Aug 2022 16:59:51 +0400 |
| parents | 3550b00d9dc8 |
| children | 77c1418916f7 |
| rev | line source |
|---|---|
|
8752
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #ifndef _NGX_EVENT_QUIC_TOKENS_H_INCLUDED_ |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #define _NGX_EVENT_QUIC_TOKENS_H_INCLUDED_ |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 #include <ngx_config.h> |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 #include <ngx_core.h> |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
13 |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
14 |
|
9026
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
15 #define NGX_QUIC_MAX_TOKEN_SIZE 64 |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
16 /* SHA-1(addr)=20 + sizeof(time_t) + retry(1) + odcid.len(1) + odcid */ |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
17 |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
18 /* RFC 3602, 2.1 and 2.4 for AES-CBC block size and IV length */ |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
19 #define NGX_QUIC_AES_256_CBC_IV_LEN 16 |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
20 #define NGX_QUIC_AES_256_CBC_BLOCK_SIZE 16 |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
21 |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
22 #define NGX_QUIC_TOKEN_BUF_SIZE (NGX_QUIC_AES_256_CBC_IV_LEN \ |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
23 + NGX_QUIC_MAX_TOKEN_SIZE \ |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
24 + NGX_QUIC_AES_256_CBC_BLOCK_SIZE) |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
25 |
|
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
26 |
|
8752
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
27 ngx_int_t ngx_quic_new_sr_token(ngx_connection_t *c, ngx_str_t *cid, |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
28 u_char *secret, u_char *token); |
|
9026
3550b00d9dc8
QUIC: avoided pool usage in token calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
29 ngx_int_t ngx_quic_new_token(ngx_log_t *log, struct sockaddr *sockaddr, |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8752
diff
changeset
|
30 socklen_t socklen, u_char *key, ngx_str_t *token, ngx_str_t *odcid, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8752
diff
changeset
|
31 time_t expires, ngx_uint_t is_retry); |
|
8752
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
32 ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
33 u_char *key, ngx_quic_header_t *pkt); |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
34 |
|
e19723c40d28
QUIC: separate files for tokens related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
35 #endif /* _NGX_EVENT_QUIC_TOKENS_H_INCLUDED_ */ |