Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic_openssl_compat.c @ 9164:3db945fda515
QUIC: handle callback errors in compat.
The error may be triggered in add_handhshake_data() by incorrect transport
parameter sent by client. The expected behaviour in this case is to close
connection complaining about incorrect parameter. Currently the connection
just times out.
author | Vladimir Khomutov <vl@inspert.ru> |
---|---|
date | Fri, 22 Sep 2023 19:23:57 +0400 |
parents | daf8f5ba23d8 |
children | f98636db77ef |
comparison
equal
deleted
inserted
replaced
9163:32b5aaebcca5 | 9164:3db945fda515 |
---|---|
406 case SSL3_RT_HANDSHAKE: | 406 case SSL3_RT_HANDSHAKE: |
407 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | 407 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
408 "quic compat tx %s len:%uz ", | 408 "quic compat tx %s len:%uz ", |
409 ngx_quic_level_name(level), len); | 409 ngx_quic_level_name(level), len); |
410 | 410 |
411 (void) com->method->add_handshake_data(ssl, level, buf, len); | 411 if (com->method->add_handshake_data(ssl, level, buf, len) != 1) { |
412 goto failed; | |
413 } | |
412 | 414 |
413 break; | 415 break; |
414 | 416 |
415 case SSL3_RT_ALERT: | 417 case SSL3_RT_ALERT: |
416 if (len >= 2) { | 418 if (len >= 2) { |
418 | 420 |
419 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, | 421 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
420 "quic compat %s alert:%ui len:%uz ", | 422 "quic compat %s alert:%ui len:%uz ", |
421 ngx_quic_level_name(level), alert, len); | 423 ngx_quic_level_name(level), alert, len); |
422 | 424 |
423 (void) com->method->send_alert(ssl, level, alert); | 425 if (com->method->send_alert(ssl, level, alert) != 1) { |
426 goto failed; | |
427 } | |
424 } | 428 } |
425 | 429 |
426 break; | 430 break; |
427 } | 431 } |
432 | |
433 return; | |
434 | |
435 failed: | |
436 | |
437 ngx_post_event(&qc->close, &ngx_posted_events); | |
428 } | 438 } |
429 | 439 |
430 | 440 |
431 int | 441 int |
432 SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level, | 442 SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level, |