Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic.c @ 8877:b5296bd8631c quic
QUIC: Check if CID has been used in stateless reset check
Section 10.3.1 of RFC9000 requires this check.
author | Martin Duke <m.duke@f5.com> |
---|---|
date | Tue, 12 Oct 2021 11:56:49 +0300 |
parents | cbbe901c199d |
children | c4f249d485e3 |
comparison
equal
deleted
inserted
replaced
8876:1ead7d64e993 | 8877:b5296bd8631c |
---|---|
368 q != ngx_queue_sentinel(&qc->client_ids); | 368 q != ngx_queue_sentinel(&qc->client_ids); |
369 q = ngx_queue_next(q)) | 369 q = ngx_queue_next(q)) |
370 { | 370 { |
371 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); | 371 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
372 | 372 |
373 if (cid->seqnum == 0) { | 373 if (cid->seqnum == 0 || cid->refcnt == 0) { |
374 /* no stateless reset token in initial connection id */ | 374 /* |
375 * No stateless reset token in initial connection id. | |
376 * Don't accept a token from an unused connection id. | |
377 */ | |
375 continue; | 378 continue; |
376 } | 379 } |
377 | 380 |
378 /* constant time comparison */ | 381 /* constant time comparison */ |
379 | 382 |