Mercurial > hg > nginx-quic
comparison src/event/ngx_event_quic_protection.c @ 8096:0f37b4ef3cd9 quic
QUIC: keep the entire packet size in pkt->len.
Previously pkt->len kept the length of the packet remainder starting from
pkt->raw->pos.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Fri, 25 Sep 2020 21:46:55 +0300 |
parents | 26a5bd4aff57 |
children | b31c02454539 |
comparison
equal
deleted
inserted
replaced
8095:2727d402e5a5 | 8096:0f37b4ef3cd9 |
---|---|
995 ngx_int_t | 995 ngx_int_t |
996 ngx_quic_decrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, | 996 ngx_quic_decrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, |
997 uint64_t *largest_pn) | 997 uint64_t *largest_pn) |
998 { | 998 { |
999 u_char clearflags, *p, *sample; | 999 u_char clearflags, *p, *sample; |
1000 size_t len; | |
1000 uint8_t badflags; | 1001 uint8_t badflags; |
1001 uint64_t pn, lpn; | 1002 uint64_t pn, lpn; |
1002 ngx_int_t pnl, rc, key_phase; | 1003 ngx_int_t pnl, rc, key_phase; |
1003 ngx_str_t in, ad; | 1004 ngx_str_t in, ad; |
1004 ngx_quic_secret_t *secret; | 1005 ngx_quic_secret_t *secret; |
1010 } | 1011 } |
1011 | 1012 |
1012 secret = pkt->secret; | 1013 secret = pkt->secret; |
1013 | 1014 |
1014 p = pkt->raw->pos; | 1015 p = pkt->raw->pos; |
1016 len = pkt->data + pkt->len - p; | |
1015 | 1017 |
1016 /* draft-ietf-quic-tls-23#section-5.4.2: | 1018 /* draft-ietf-quic-tls-23#section-5.4.2: |
1017 * the Packet Number field is assumed to be 4 bytes long | 1019 * the Packet Number field is assumed to be 4 bytes long |
1018 * draft-ietf-quic-tls-23#section-5.4.[34]: | 1020 * draft-ietf-quic-tls-23#section-5.4.[34]: |
1019 * AES-Based and ChaCha20-Based header protections sample 16 bytes | 1021 * AES-Based and ChaCha20-Based header protections sample 16 bytes |
1020 */ | 1022 */ |
1021 | 1023 |
1022 if (pkt->len < EVP_GCM_TLS_TAG_LEN + 4) { | 1024 if (len < EVP_GCM_TLS_TAG_LEN + 4) { |
1023 return NGX_DECLINED; | 1025 return NGX_DECLINED; |
1024 } | 1026 } |
1025 | 1027 |
1026 sample = p + 4; | 1028 sample = p + 4; |
1027 | 1029 |
1060 "quic packet number: %uL, len: %xi", pn, pnl); | 1062 "quic packet number: %uL, len: %xi", pn, pnl); |
1061 | 1063 |
1062 /* packet protection */ | 1064 /* packet protection */ |
1063 | 1065 |
1064 in.data = p; | 1066 in.data = p; |
1065 in.len = pkt->len - pnl; | 1067 in.len = len - pnl; |
1066 | 1068 |
1067 if (ngx_quic_long_pkt(pkt->flags)) { | 1069 if (ngx_quic_long_pkt(pkt->flags)) { |
1068 badflags = clearflags & NGX_QUIC_PKT_LONG_RESERVED_BIT; | 1070 badflags = clearflags & NGX_QUIC_PKT_LONG_RESERVED_BIT; |
1069 | 1071 |
1070 } else { | 1072 } else { |