Mercurial > hg > nginx-quic
comparison src/event/ngx_event_quic_protection.c @ 8096:0f37b4ef3cd9 quic
QUIC: keep the entire packet size in pkt->len.
Previously pkt->len kept the length of the packet remainder starting from
pkt->raw->pos.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Fri, 25 Sep 2020 21:46:55 +0300 |
| parents | 26a5bd4aff57 |
| children | b31c02454539 |
comparison
equal
deleted
inserted
replaced
| 8095:2727d402e5a5 | 8096:0f37b4ef3cd9 |
|---|---|
| 995 ngx_int_t | 995 ngx_int_t |
| 996 ngx_quic_decrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, | 996 ngx_quic_decrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, |
| 997 uint64_t *largest_pn) | 997 uint64_t *largest_pn) |
| 998 { | 998 { |
| 999 u_char clearflags, *p, *sample; | 999 u_char clearflags, *p, *sample; |
| 1000 size_t len; | |
| 1000 uint8_t badflags; | 1001 uint8_t badflags; |
| 1001 uint64_t pn, lpn; | 1002 uint64_t pn, lpn; |
| 1002 ngx_int_t pnl, rc, key_phase; | 1003 ngx_int_t pnl, rc, key_phase; |
| 1003 ngx_str_t in, ad; | 1004 ngx_str_t in, ad; |
| 1004 ngx_quic_secret_t *secret; | 1005 ngx_quic_secret_t *secret; |
| 1010 } | 1011 } |
| 1011 | 1012 |
| 1012 secret = pkt->secret; | 1013 secret = pkt->secret; |
| 1013 | 1014 |
| 1014 p = pkt->raw->pos; | 1015 p = pkt->raw->pos; |
| 1016 len = pkt->data + pkt->len - p; | |
| 1015 | 1017 |
| 1016 /* draft-ietf-quic-tls-23#section-5.4.2: | 1018 /* draft-ietf-quic-tls-23#section-5.4.2: |
| 1017 * the Packet Number field is assumed to be 4 bytes long | 1019 * the Packet Number field is assumed to be 4 bytes long |
| 1018 * draft-ietf-quic-tls-23#section-5.4.[34]: | 1020 * draft-ietf-quic-tls-23#section-5.4.[34]: |
| 1019 * AES-Based and ChaCha20-Based header protections sample 16 bytes | 1021 * AES-Based and ChaCha20-Based header protections sample 16 bytes |
| 1020 */ | 1022 */ |
| 1021 | 1023 |
| 1022 if (pkt->len < EVP_GCM_TLS_TAG_LEN + 4) { | 1024 if (len < EVP_GCM_TLS_TAG_LEN + 4) { |
| 1023 return NGX_DECLINED; | 1025 return NGX_DECLINED; |
| 1024 } | 1026 } |
| 1025 | 1027 |
| 1026 sample = p + 4; | 1028 sample = p + 4; |
| 1027 | 1029 |
| 1060 "quic packet number: %uL, len: %xi", pn, pnl); | 1062 "quic packet number: %uL, len: %xi", pn, pnl); |
| 1061 | 1063 |
| 1062 /* packet protection */ | 1064 /* packet protection */ |
| 1063 | 1065 |
| 1064 in.data = p; | 1066 in.data = p; |
| 1065 in.len = pkt->len - pnl; | 1067 in.len = len - pnl; |
| 1066 | 1068 |
| 1067 if (ngx_quic_long_pkt(pkt->flags)) { | 1069 if (ngx_quic_long_pkt(pkt->flags)) { |
| 1068 badflags = clearflags & NGX_QUIC_PKT_LONG_RESERVED_BIT; | 1070 badflags = clearflags & NGX_QUIC_PKT_LONG_RESERVED_BIT; |
| 1069 | 1071 |
| 1070 } else { | 1072 } else { |