Mercurial > hg > nginx-quic
comparison src/event/ngx_event_quic_protection.c @ 7784:1bb5e8538d0c quic
Removed excessive debugging in QUIC packet creation.
While here, eliminated further difference in between.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Sat, 04 Apr 2020 17:34:39 +0300 |
parents | 435fed8e2489 |
children | 29354c6fc5f2 |
comparison
equal
deleted
inserted
replaced
7783:435fed8e2489 | 7784:1bb5e8538d0c |
---|---|
696 { | 696 { |
697 return NGX_ERROR; | 697 return NGX_ERROR; |
698 } | 698 } |
699 | 699 |
700 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); | 700 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); |
701 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); | 701 ngx_quic_hexdump0(pkt->log, "mask", mask, 5); |
702 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16); | |
703 | 702 |
704 /* quic-tls: 5.4.1. Header Protection Application */ | 703 /* quic-tls: 5.4.1. Header Protection Application */ |
705 ad.data[0] ^= mask[0] & 0x0f; | 704 ad.data[0] ^= mask[0] & 0x0f; |
706 | 705 |
707 for (i = 0; i < pkt->num_len; i++) { | 706 for (i = 0; i < pkt->num_len; i++) { |
727 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; | 726 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; |
728 | 727 |
729 ad.data = res->data; | 728 ad.data = res->data; |
730 ad.len = ngx_quic_create_short_header(pkt, ad.data, out.len, &pnp); | 729 ad.len = ngx_quic_create_short_header(pkt, ad.data, out.len, &pnp); |
731 | 730 |
731 out.data = res->data + ad.len; | |
732 | |
732 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len); | 733 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len); |
733 | 734 |
734 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) { | 735 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) { |
735 return NGX_ERROR; | 736 return NGX_ERROR; |
736 } | 737 } |
743 ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number); | 744 ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number); |
744 | 745 |
745 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12); | 746 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12); |
746 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12); | 747 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12); |
747 | 748 |
748 out.data = res->data + ad.len; | 749 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out, |
749 | 750 nonce, &pkt->payload, &ad, pkt->log) |
750 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out, nonce, &pkt->payload, | |
751 &ad, pkt->log) | |
752 != NGX_OK) | 751 != NGX_OK) |
753 { | 752 { |
754 return NGX_ERROR; | 753 return NGX_ERROR; |
755 } | 754 } |
756 | |
757 ngx_quic_hexdump0(pkt->log, "out", out.data, out.len); | |
758 | 755 |
759 sample = &out.data[4 - pkt->num_len]; | 756 sample = &out.data[4 - pkt->num_len]; |
760 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) | 757 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) |
761 != NGX_OK) | 758 != NGX_OK) |
762 { | 759 { |
763 return NGX_ERROR; | 760 return NGX_ERROR; |
764 } | 761 } |
765 | 762 |
766 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); | 763 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); |
767 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); | 764 ngx_quic_hexdump0(pkt->log, "mask", mask, 5); |
768 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16); | |
769 | 765 |
770 /* quic-tls: 5.4.1. Header Protection Application */ | 766 /* quic-tls: 5.4.1. Header Protection Application */ |
771 ad.data[0] ^= mask[0] & 0x1f; | 767 ad.data[0] ^= mask[0] & 0x1f; |
772 | 768 |
773 for (i = 0; i < pkt->num_len; i++) { | 769 for (i = 0; i < pkt->num_len; i++) { |
774 pnp[i] ^= mask[i + 1]; | 770 pnp[i] ^= mask[i + 1]; |
775 } | 771 } |
776 | 772 |
777 res->len = ad.len + out.len; | 773 res->len = ad.len + out.len; |
778 | |
779 ngx_quic_hexdump0(pkt->log, "packet", res->data, res->len); | |
780 | 774 |
781 return NGX_OK; | 775 return NGX_OK; |
782 } | 776 } |
783 | 777 |
784 | 778 |