Mercurial > hg > nginx-quic
changeset 7864:eebdda507ec3 quic
Added tests for connection id lengths in initial packet.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Thu, 14 May 2020 14:49:28 +0300 |
parents | 81f85c479d7e |
children | a9cc1627cf1c |
files | src/event/ngx_event_quic.c src/event/ngx_event_quic_transport.c src/event/ngx_event_quic_transport.h |
diffstat | 3 files changed, 24 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_quic.c +++ b/src/event/ngx_event_quic.c @@ -579,6 +579,14 @@ ngx_quic_new_connection(ngx_connection_t return NGX_ERROR; } + if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { + /* 7.2. Negotiating Connection IDs */ + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic too short dcid in initial packet: length %i", + pkt->dcid.len); + return NGX_ERROR; + } + c->log->action = "creating new quic connection"; qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t));
--- a/src/event/ngx_event_quic_transport.c +++ b/src/event/ngx_event_quic_transport.c @@ -283,6 +283,12 @@ ngx_quic_parse_long_header(ngx_quic_head return NGX_ERROR; } + if (idlen > NGX_QUIC_CID_LEN_MAX) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet dcid is too long"); + return NGX_ERROR; + } + pkt->dcid.len = idlen; p = ngx_quic_read_bytes(p, end, idlen, &pkt->dcid.data); @@ -299,6 +305,12 @@ ngx_quic_parse_long_header(ngx_quic_head return NGX_ERROR; } + if (idlen > NGX_QUIC_CID_LEN_MAX) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet scid is too long"); + return NGX_ERROR; + } + pkt->scid.len = idlen; p = ngx_quic_read_bytes(p, end, idlen, &pkt->scid.data);
--- a/src/event/ngx_event_quic_transport.h +++ b/src/event/ngx_event_quic_transport.h @@ -112,6 +112,9 @@ #define NGX_QUIC_TP_PREFERRED_ADDRESS 0x0D #define NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT 0x0E +#define NGX_QUIC_CID_LEN_MIN 8 +#define NGX_QUIC_CID_LEN_MAX 20 + typedef struct { uint64_t largest; @@ -130,7 +133,7 @@ typedef struct { uint64_t seqnum; uint64_t retire; uint8_t len; - u_char cid[20]; + u_char cid[NGX_QUIC_CID_LEN_MAX]; u_char srt[16]; } ngx_quic_new_conn_id_frame_t;