Mercurial > hg > nginx
comparison src/event/ngx_event_quic_transport.c @ 8383:7ea34e13937f quic
Address validation using Retry packets.
The behaviour is toggled with the new directive "quic_retry on|off".
QUIC token construction is made suitable for issuing with NEW_TOKEN.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Thu, 14 May 2020 15:47:18 +0300 |
| parents | 262396242352 |
| children | 52d0c4832570 |
comparison
equal
deleted
inserted
replaced
| 8382:b7704303a7e5 | 8383:7ea34e13937f |
|---|---|
| 380 p = ngx_quic_write_uint32(p, pkt->trunc); | 380 p = ngx_quic_write_uint32(p, pkt->trunc); |
| 381 break; | 381 break; |
| 382 } | 382 } |
| 383 | 383 |
| 384 return p - start; | 384 return p - start; |
| 385 } | |
| 386 | |
| 387 | |
| 388 size_t | |
| 389 ngx_quic_create_retry_itag(ngx_quic_header_t *pkt, u_char *out, | |
| 390 u_char **start) | |
| 391 { | |
| 392 u_char *p; | |
| 393 | |
| 394 p = out; | |
| 395 | |
| 396 *p++ = pkt->odcid.len; | |
| 397 p = ngx_cpymem(p, pkt->odcid.data, pkt->odcid.len); | |
| 398 | |
| 399 *start = p; | |
| 400 | |
| 401 *p++ = 0xff; | |
| 402 | |
| 403 p = ngx_quic_write_uint32(p, NGX_QUIC_VERSION); | |
| 404 | |
| 405 *p++ = pkt->dcid.len; | |
| 406 p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); | |
| 407 | |
| 408 *p++ = pkt->scid.len; | |
| 409 p = ngx_cpymem(p, pkt->scid.data, pkt->scid.len); | |
| 410 | |
| 411 p = ngx_cpymem(p, pkt->token.data, pkt->token.len); | |
| 412 | |
| 413 return p - out; | |
| 385 } | 414 } |
| 386 | 415 |
| 387 | 416 |
| 388 ngx_int_t | 417 ngx_int_t |
| 389 ngx_quic_parse_short_header(ngx_quic_header_t *pkt, ngx_str_t *dcid) | 418 ngx_quic_parse_short_header(ngx_quic_header_t *pkt, ngx_str_t *dcid) |
| 1551 tp->initial_max_stream_data_uni); | 1580 tp->initial_max_stream_data_uni); |
| 1552 | 1581 |
| 1553 len += ngx_quic_tp_len(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, | 1582 len += ngx_quic_tp_len(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, |
| 1554 tp->max_idle_timeout); | 1583 tp->max_idle_timeout); |
| 1555 | 1584 |
| 1585 if (tp->retry) { | |
| 1586 len += ngx_quic_varint_len(NGX_QUIC_TP_ORIGINAL_CONNECTION_ID); | |
| 1587 len += ngx_quic_varint_len(tp->original_connection_id.len); | |
| 1588 len += tp->original_connection_id.len; | |
| 1589 } | |
| 1590 | |
| 1556 if (pos == NULL) { | 1591 if (pos == NULL) { |
| 1557 return len; | 1592 return len; |
| 1558 } | 1593 } |
| 1559 | 1594 |
| 1560 ngx_quic_tp_vint(NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT, | 1595 ngx_quic_tp_vint(NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT, |
| 1578 ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI, | 1613 ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI, |
| 1579 tp->initial_max_stream_data_uni); | 1614 tp->initial_max_stream_data_uni); |
| 1580 | 1615 |
| 1581 ngx_quic_tp_vint(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, | 1616 ngx_quic_tp_vint(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, |
| 1582 tp->max_idle_timeout); | 1617 tp->max_idle_timeout); |
| 1618 | |
| 1619 if (tp->retry) { | |
| 1620 ngx_quic_build_int(&p, NGX_QUIC_TP_ORIGINAL_CONNECTION_ID); | |
| 1621 ngx_quic_build_int(&p, tp->original_connection_id.len); | |
| 1622 p = ngx_cpymem(p, tp->original_connection_id.data, | |
| 1623 tp->original_connection_id.len); | |
| 1624 } | |
| 1583 | 1625 |
| 1584 return p - pos; | 1626 return p - pos; |
| 1585 } | 1627 } |
| 1586 | 1628 |
| 1587 | 1629 |