Mercurial > hg > nginx
changeset 9047:70ce1e927715 quic
QUIC: fixed computation of nonce with packet numbers beyond 2^32.
Prodded by Yu Zhu.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Fri, 25 Nov 2022 15:56:33 +0400 |
| parents | 210ad79a8853 |
| children | 9c427e98d8c1 |
| files | src/event/quic/ngx_event_quic_protection.c |
| diffstat | 1 files changed, 8 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_protection.c +++ b/src/event/quic/ngx_event_quic_protection.c @@ -964,10 +964,14 @@ ngx_quic_parse_pn(u_char **pos, ngx_int_ static void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn) { - nonce[len - 4] ^= (pn & 0xff000000) >> 24; - nonce[len - 3] ^= (pn & 0x00ff0000) >> 16; - nonce[len - 2] ^= (pn & 0x0000ff00) >> 8; - nonce[len - 1] ^= (pn & 0x000000ff); + nonce[len - 8] ^= (pn >> 56) & 0x3f; + nonce[len - 7] ^= (pn >> 48) & 0xff; + nonce[len - 6] ^= (pn >> 40) & 0xff; + nonce[len - 5] ^= (pn >> 32) & 0xff; + nonce[len - 4] ^= (pn >> 24) & 0xff; + nonce[len - 3] ^= (pn >> 16) & 0xff; + nonce[len - 2] ^= (pn >> 8) & 0xff; + nonce[len - 1] ^= pn & 0xff; }