# HG changeset patch # User Roman Arutyunyan # Date 1675164393 -14400 # Node ID def8e398d7c50131f8dac844814fff729da5c86c # Parent 3c98fa8fef6f50ac4787480743de0f013812e0e8 QUIC: fixed broken token in NEW_TOKEN (ticket #2446). Previously, since 3550b00d9dc8, the token was allocated on stack, to get rid of pool usage. Now the token is allocated by ngx_quic_copy_buffer() in QUIC buffers, also used for STREAM, CRYPTO and ACK frames. diff --git a/src/event/quic/ngx_event_quic_frames.c b/src/event/quic/ngx_event_quic_frames.c --- a/src/event/quic/ngx_event_quic_frames.c +++ b/src/event/quic/ngx_event_quic_frames.c @@ -858,6 +858,20 @@ ngx_quic_log_frame(ngx_log_t *log, ngx_q case NGX_QUIC_FT_NEW_TOKEN: p = ngx_slprintf(p, last, "NEW_TOKEN"); + +#ifdef NGX_QUIC_DEBUG_FRAMES + { + ngx_chain_t *cl; + + p = ngx_slprintf(p, last, " token:"); + + for (cl = f->data; cl; cl = cl->next) { + p = ngx_slprintf(p, last, "%*xs", + cl->buf->last - cl->buf->pos, cl->buf->pos); + } + } +#endif + break; case NGX_QUIC_FT_HANDSHAKE_DONE: diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c --- a/src/event/quic/ngx_event_quic_output.c +++ b/src/event/quic/ngx_event_quic_output.c @@ -1076,6 +1076,7 @@ ngx_quic_send_new_token(ngx_connection_t { time_t expires; ngx_str_t token; + ngx_chain_t *out; ngx_quic_frame_t *frame; ngx_quic_connection_t *qc; @@ -1095,6 +1096,11 @@ ngx_quic_send_new_token(ngx_connection_t return NGX_ERROR; } + out = ngx_quic_copy_buffer(c, token.data, token.len); + if (out == NGX_CHAIN_ERROR) { + return NGX_ERROR; + } + frame = ngx_quic_alloc_frame(c); if (frame == NULL) { return NGX_ERROR; @@ -1102,8 +1108,8 @@ ngx_quic_send_new_token(ngx_connection_t frame->level = ssl_encryption_application; frame->type = NGX_QUIC_FT_NEW_TOKEN; + frame->data = out; frame->u.token.length = token.len; - frame->u.token.data = token.data; ngx_quic_queue_frame(qc, frame); diff --git a/src/event/quic/ngx_event_quic_transport.c b/src/event/quic/ngx_event_quic_transport.c --- a/src/event/quic/ngx_event_quic_transport.c +++ b/src/event/quic/ngx_event_quic_transport.c @@ -109,7 +109,7 @@ static size_t ngx_quic_create_crypto(u_c ngx_quic_crypto_frame_t *crypto, ngx_chain_t *data); static size_t ngx_quic_create_hs_done(u_char *p); static size_t ngx_quic_create_new_token(u_char *p, - ngx_quic_new_token_frame_t *token); + ngx_quic_new_token_frame_t *token, ngx_chain_t *data); static size_t ngx_quic_create_stream(u_char *p, ngx_quic_stream_frame_t *sf, ngx_chain_t *data); static size_t ngx_quic_create_max_streams(u_char *p, @@ -1301,7 +1301,7 @@ ngx_quic_create_frame(u_char *p, ngx_qui return ngx_quic_create_hs_done(p); case NGX_QUIC_FT_NEW_TOKEN: - return ngx_quic_create_new_token(p, &f->u.token); + return ngx_quic_create_new_token(p, &f->u.token, f->data); case NGX_QUIC_FT_STREAM: return ngx_quic_create_stream(p, &f->u.stream, f->data); @@ -1491,10 +1491,12 @@ ngx_quic_create_hs_done(u_char *p) static size_t -ngx_quic_create_new_token(u_char *p, ngx_quic_new_token_frame_t *token) +ngx_quic_create_new_token(u_char *p, ngx_quic_new_token_frame_t *token, + ngx_chain_t *data) { - size_t len; - u_char *start; + size_t len; + u_char *start; + ngx_buf_t *b; if (p == NULL) { len = ngx_quic_varint_len(NGX_QUIC_FT_NEW_TOKEN); @@ -1508,7 +1510,12 @@ ngx_quic_create_new_token(u_char *p, ngx ngx_quic_build_int(&p, NGX_QUIC_FT_NEW_TOKEN); ngx_quic_build_int(&p, token->length); - p = ngx_cpymem(p, token->data, token->length); + + while (data) { + b = data->buf; + p = ngx_cpymem(p, b->pos, b->last - b->pos); + data = data->next; + } return p - start; } diff --git a/src/event/quic/ngx_event_quic_transport.h b/src/event/quic/ngx_event_quic_transport.h --- a/src/event/quic/ngx_event_quic_transport.h +++ b/src/event/quic/ngx_event_quic_transport.h @@ -167,7 +167,6 @@ typedef struct { typedef struct { uint64_t length; - u_char *data; } ngx_quic_new_token_frame_t; /*