Mercurial > hg > nginx
comparison src/event/ngx_event_quic_protection.c @ 8643:5fdd0ef42232 quic
QUIC: macros for manipulating header protection and reserved bits.
This gets rid of magic numbers from quic protection and allows to push down
header construction specifics further to quic transport.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 17 Nov 2020 21:32:22 +0000 |
| parents | 05b1ee464350 |
| children | e953bd2c5bb3 |
comparison
equal
deleted
inserted
replaced
| 8642:05b1ee464350 | 8643:5fdd0ef42232 |
|---|---|
| 868 { | 868 { |
| 869 return NGX_ERROR; | 869 return NGX_ERROR; |
| 870 } | 870 } |
| 871 | 871 |
| 872 /* quic-tls: 5.4.1. Header Protection Application */ | 872 /* quic-tls: 5.4.1. Header Protection Application */ |
| 873 ad.data[0] ^= mask[0] & 0x0f; | 873 ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); |
| 874 | 874 |
| 875 for (i = 0; i < pkt->num_len; i++) { | 875 for (i = 0; i < pkt->num_len; i++) { |
| 876 pnp[i] ^= mask[i + 1]; | 876 pnp[i] ^= mask[i + 1]; |
| 877 } | 877 } |
| 878 | 878 |
| 926 { | 926 { |
| 927 return NGX_ERROR; | 927 return NGX_ERROR; |
| 928 } | 928 } |
| 929 | 929 |
| 930 /* quic-tls: 5.4.1. Header Protection Application */ | 930 /* quic-tls: 5.4.1. Header Protection Application */ |
| 931 ad.data[0] ^= mask[0] & 0x1f; | 931 ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); |
| 932 | 932 |
| 933 for (i = 0; i < pkt->num_len; i++) { | 933 for (i = 0; i < pkt->num_len; i++) { |
| 934 pnp[i] ^= mask[i + 1]; | 934 pnp[i] ^= mask[i + 1]; |
| 935 } | 935 } |
| 936 | 936 |
| 1159 != NGX_OK) | 1159 != NGX_OK) |
| 1160 { | 1160 { |
| 1161 return NGX_DECLINED; | 1161 return NGX_DECLINED; |
| 1162 } | 1162 } |
| 1163 | 1163 |
| 1164 if (ngx_quic_long_pkt(pkt->flags)) { | 1164 clearflags = pkt->flags ^ (mask[0] & ngx_quic_pkt_hp_mask(pkt->flags)); |
| 1165 clearflags = pkt->flags ^ (mask[0] & 0x0f); | 1165 |
| 1166 | 1166 if (ngx_quic_short_pkt(pkt->flags)) { |
| 1167 } else { | |
| 1168 clearflags = pkt->flags ^ (mask[0] & 0x1f); | |
| 1169 key_phase = (clearflags & NGX_QUIC_PKT_KPHASE) != 0; | 1167 key_phase = (clearflags & NGX_QUIC_PKT_KPHASE) != 0; |
| 1170 | 1168 |
| 1171 if (key_phase != pkt->key_phase) { | 1169 if (key_phase != pkt->key_phase) { |
| 1172 secret = &pkt->keys->next_key.client; | 1170 secret = &pkt->keys->next_key.client; |
| 1173 pkt->key_update = 1; | 1171 pkt->key_update = 1; |
| 1190 /* packet protection */ | 1188 /* packet protection */ |
| 1191 | 1189 |
| 1192 in.data = p; | 1190 in.data = p; |
| 1193 in.len = len - pnl; | 1191 in.len = len - pnl; |
| 1194 | 1192 |
| 1195 if (ngx_quic_long_pkt(pkt->flags)) { | 1193 badflags = clearflags & ngx_quic_pkt_rb_mask(pkt->flags); |
| 1196 badflags = clearflags & NGX_QUIC_PKT_LONG_RESERVED_BIT; | |
| 1197 | |
| 1198 } else { | |
| 1199 badflags = clearflags & NGX_QUIC_PKT_SHORT_RESERVED_BIT; | |
| 1200 } | |
| 1201 | 1194 |
| 1202 ad.len = p - pkt->data; | 1195 ad.len = p - pkt->data; |
| 1203 ad.data = pkt->plaintext; | 1196 ad.data = pkt->plaintext; |
| 1204 | 1197 |
| 1205 ngx_memcpy(ad.data, pkt->data, ad.len); | 1198 ngx_memcpy(ad.data, pkt->data, ad.len); |