Mercurial > hg > nginx-quic
comparison src/stream/ngx_stream_quic_module.c @ 8279:dffb66fb783b quic
QUIC: stateless retry.
Previously, quic connection object was created when Retry packet was sent.
This is neither necessary nor convenient, and contradicts the idea of retry:
protecting from bad clients and saving server resources.
Now, the connection is not created, token is verified cryptographically
instead of holding it in connection.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Fri, 29 Jan 2021 15:53:47 +0300 |
| parents | 831d1960826f |
| children | cef042935003 |
comparison
equal
deleted
inserted
replaced
| 8278:dbe33ef9cd9a | 8279:dffb66fb783b |
|---|---|
| 303 ngx_conf_merge_uint_value(conf->tp.active_connection_id_limit, | 303 ngx_conf_merge_uint_value(conf->tp.active_connection_id_limit, |
| 304 prev->tp.active_connection_id_limit, 2); | 304 prev->tp.active_connection_id_limit, 2); |
| 305 | 305 |
| 306 ngx_conf_merge_value(conf->retry, prev->retry, 0); | 306 ngx_conf_merge_value(conf->retry, prev->retry, 0); |
| 307 | 307 |
| 308 if (conf->retry) { | 308 if (RAND_bytes(conf->token_key, sizeof(conf->token_key)) <= 0) { |
| 309 if (RAND_bytes(conf->token_key, sizeof(conf->token_key)) <= 0) { | 309 return NGX_CONF_ERROR; |
| 310 return NGX_CONF_ERROR; | |
| 311 } | |
| 312 } | 310 } |
| 313 | 311 |
| 314 ngx_conf_merge_str_value(conf->sr_token_key, prev->sr_token_key, ""); | 312 ngx_conf_merge_str_value(conf->sr_token_key, prev->sr_token_key, ""); |
| 315 | 313 |
| 316 if (conf->sr_token_key.len == 0) { | 314 if (conf->sr_token_key.len == 0) { |