Mercurial > hg > nginx
diff src/event/ngx_event_quic_transport.h @ 8562:b31c02454539 quic
QUIC: added stateless reset support.
The new "quic_stateless_reset_token_key" directive is added. It sets the
endpoint key used to generate stateless reset tokens and enables feature.
If the endpoint receives short-header packet that can't be matched to
existing connection, a stateless reset packet is generated with
a proper token.
If a valid stateless reset token is found in the incoming packet,
the connection is closed.
Example configuration:
http {
quic_stateless_reset_token_key "foo";
...
}
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Wed, 30 Sep 2020 20:54:46 +0300 |
| parents | d0d3fc0697a0 |
| children | 07971f870879 |
line wrap: on
line diff
--- a/src/event/ngx_event_quic_transport.h +++ b/src/event/ngx_event_quic_transport.h @@ -101,7 +101,7 @@ /* Transport parameters */ #define NGX_QUIC_TP_ORIGINAL_DCID 0x00 #define NGX_QUIC_TP_MAX_IDLE_TIMEOUT 0x01 -#define NGX_QUIC_TP_STATELESS_RESET_TOKEN 0x02 +#define NGX_QUIC_TP_SR_TOKEN 0x02 #define NGX_QUIC_TP_MAX_UDP_PAYLOAD_SIZE 0x03 #define NGX_QUIC_TP_INITIAL_MAX_DATA 0x04 #define NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL 0x05 @@ -120,9 +120,6 @@ #define NGX_QUIC_CID_LEN_MIN 8 #define NGX_QUIC_CID_LEN_MAX 20 -#define NGX_QUIC_SRT_LEN 16 - - typedef struct { uint64_t largest; uint64_t delay; @@ -141,7 +138,7 @@ typedef struct { uint64_t retire; uint8_t len; u_char cid[NGX_QUIC_CID_LEN_MAX]; - u_char srt[NGX_QUIC_SRT_LEN]; + u_char srt[NGX_QUIC_SR_TOKEN_LEN]; } ngx_quic_new_conn_id_frame_t;