Mercurial > hg > nginx
view src/core/ngx_syslog.h @ 9189:fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
By default packets with these frames are expanded to 1200 bytes. Previously,
if anti-amplification limit did not allow this expansion, it was limited to
whatever size was allowed. However RFC 9000 clearly states no partial
expansion should happen in both cases.
Section 8.2.1. Initiating Path Validation:
An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame
to at least the smallest allowed maximum datagram size of 1200 bytes,
unless the anti-amplification limit for the path does not permit
sending a datagram of this size.
Section 8.2.2. Path Validation Responses:
An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
to at least the smallest allowed maximum datagram size of 1200 bytes.
...
However, an endpoint MUST NOT expand the datagram containing the
PATH_RESPONSE if the resulting data exceeds the anti-amplification limit.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Wed, 29 Nov 2023 18:13:25 +0400 |
parents | 8771d35d55d0 |
children | 1c9264603adc |
line wrap: on
line source
/* * Copyright (C) Nginx, Inc. */ #ifndef _NGX_SYSLOG_H_INCLUDED_ #define _NGX_SYSLOG_H_INCLUDED_ typedef struct { ngx_uint_t facility; ngx_uint_t severity; ngx_str_t tag; ngx_str_t *hostname; ngx_addr_t server; ngx_connection_t conn; ngx_log_t log; ngx_log_t *logp; unsigned busy:1; unsigned nohostname:1; } ngx_syslog_peer_t; char *ngx_syslog_process_conf(ngx_conf_t *cf, ngx_syslog_peer_t *peer); u_char *ngx_syslog_add_header(ngx_syslog_peer_t *peer, u_char *buf); void ngx_syslog_writer(ngx_log_t *log, ngx_uint_t level, u_char *buf, size_t len); ssize_t ngx_syslog_send(ngx_syslog_peer_t *peer, u_char *buf, size_t len); #endif /* _NGX_SYSLOG_H_INCLUDED_ */