Mercurial > hg > nginx
comparison src/event/ngx_event_quic_transport.c @ 8383:7ea34e13937f quic
Address validation using Retry packets.
The behaviour is toggled with the new directive "quic_retry on|off".
QUIC token construction is made suitable for issuing with NEW_TOKEN.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 14 May 2020 15:47:18 +0300 |
parents | 262396242352 |
children | 52d0c4832570 |
comparison
equal
deleted
inserted
replaced
8382:b7704303a7e5 | 8383:7ea34e13937f |
---|---|
380 p = ngx_quic_write_uint32(p, pkt->trunc); | 380 p = ngx_quic_write_uint32(p, pkt->trunc); |
381 break; | 381 break; |
382 } | 382 } |
383 | 383 |
384 return p - start; | 384 return p - start; |
385 } | |
386 | |
387 | |
388 size_t | |
389 ngx_quic_create_retry_itag(ngx_quic_header_t *pkt, u_char *out, | |
390 u_char **start) | |
391 { | |
392 u_char *p; | |
393 | |
394 p = out; | |
395 | |
396 *p++ = pkt->odcid.len; | |
397 p = ngx_cpymem(p, pkt->odcid.data, pkt->odcid.len); | |
398 | |
399 *start = p; | |
400 | |
401 *p++ = 0xff; | |
402 | |
403 p = ngx_quic_write_uint32(p, NGX_QUIC_VERSION); | |
404 | |
405 *p++ = pkt->dcid.len; | |
406 p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); | |
407 | |
408 *p++ = pkt->scid.len; | |
409 p = ngx_cpymem(p, pkt->scid.data, pkt->scid.len); | |
410 | |
411 p = ngx_cpymem(p, pkt->token.data, pkt->token.len); | |
412 | |
413 return p - out; | |
385 } | 414 } |
386 | 415 |
387 | 416 |
388 ngx_int_t | 417 ngx_int_t |
389 ngx_quic_parse_short_header(ngx_quic_header_t *pkt, ngx_str_t *dcid) | 418 ngx_quic_parse_short_header(ngx_quic_header_t *pkt, ngx_str_t *dcid) |
1551 tp->initial_max_stream_data_uni); | 1580 tp->initial_max_stream_data_uni); |
1552 | 1581 |
1553 len += ngx_quic_tp_len(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, | 1582 len += ngx_quic_tp_len(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, |
1554 tp->max_idle_timeout); | 1583 tp->max_idle_timeout); |
1555 | 1584 |
1585 if (tp->retry) { | |
1586 len += ngx_quic_varint_len(NGX_QUIC_TP_ORIGINAL_CONNECTION_ID); | |
1587 len += ngx_quic_varint_len(tp->original_connection_id.len); | |
1588 len += tp->original_connection_id.len; | |
1589 } | |
1590 | |
1556 if (pos == NULL) { | 1591 if (pos == NULL) { |
1557 return len; | 1592 return len; |
1558 } | 1593 } |
1559 | 1594 |
1560 ngx_quic_tp_vint(NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT, | 1595 ngx_quic_tp_vint(NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT, |
1578 ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI, | 1613 ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI, |
1579 tp->initial_max_stream_data_uni); | 1614 tp->initial_max_stream_data_uni); |
1580 | 1615 |
1581 ngx_quic_tp_vint(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, | 1616 ngx_quic_tp_vint(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, |
1582 tp->max_idle_timeout); | 1617 tp->max_idle_timeout); |
1618 | |
1619 if (tp->retry) { | |
1620 ngx_quic_build_int(&p, NGX_QUIC_TP_ORIGINAL_CONNECTION_ID); | |
1621 ngx_quic_build_int(&p, tp->original_connection_id.len); | |
1622 p = ngx_cpymem(p, tp->original_connection_id.data, | |
1623 tp->original_connection_id.len); | |
1624 } | |
1583 | 1625 |
1584 return p - pos; | 1626 return p - pos; |
1585 } | 1627 } |
1586 | 1628 |
1587 | 1629 |