Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8507:7f9938cbcd12 quic
QUIC: fixed leak of bytes_in_flight on keys discard.
This applies to discarding Initial and Handshake keys.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Fri, 14 Aug 2020 16:54:06 +0300 |
parents | 03ec6ab67752 |
children | 4604e6043657 |
comparison
equal
deleted
inserted
replaced
8506:03ec6ab67752 | 8507:7f9938cbcd12 |
---|---|
1733 | 1733 |
1734 static ngx_int_t | 1734 static ngx_int_t |
1735 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) | 1735 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
1736 { | 1736 { |
1737 ngx_int_t rc; | 1737 ngx_int_t rc; |
1738 ngx_queue_t *q; | |
1739 ngx_quic_frame_t *f; | |
1738 ngx_quic_secrets_t *keys; | 1740 ngx_quic_secrets_t *keys; |
1739 ngx_quic_send_ctx_t *ctx; | 1741 ngx_quic_send_ctx_t *ctx; |
1740 ngx_quic_connection_t *qc; | 1742 ngx_quic_connection_t *qc; |
1741 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; | 1743 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
1742 | 1744 |
1780 /* | 1782 /* |
1781 * 4.10.1. The successful use of Handshake packets indicates | 1783 * 4.10.1. The successful use of Handshake packets indicates |
1782 * that no more Initial packets need to be exchanged | 1784 * that no more Initial packets need to be exchanged |
1783 */ | 1785 */ |
1784 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_initial); | 1786 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_initial); |
1785 ngx_quic_free_frames(c, &ctx->sent); | 1787 |
1788 while (!ngx_queue_empty(&ctx->sent)) { | |
1789 q = ngx_queue_head(&ctx->sent); | |
1790 ngx_queue_remove(q); | |
1791 | |
1792 f = ngx_queue_data(q, ngx_quic_frame_t, queue); | |
1793 ngx_quic_congestion_ack(c, f); | |
1794 ngx_quic_free_frame(c, f); | |
1795 } | |
1786 | 1796 |
1787 qc->validated = 1; | 1797 qc->validated = 1; |
1788 qc->pto_count = 0; | 1798 qc->pto_count = 0; |
1789 | 1799 |
1790 return ngx_quic_payload_handler(c, pkt); | 1800 return ngx_quic_payload_handler(c, pkt); |
2799 | 2809 |
2800 static ngx_int_t | 2810 static ngx_int_t |
2801 ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) | 2811 ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) |
2802 { | 2812 { |
2803 int n, sslerr; | 2813 int n, sslerr; |
2814 ngx_queue_t *q; | |
2804 ngx_ssl_conn_t *ssl_conn; | 2815 ngx_ssl_conn_t *ssl_conn; |
2805 ngx_quic_send_ctx_t *ctx; | 2816 ngx_quic_send_ctx_t *ctx; |
2806 ngx_quic_crypto_frame_t *f; | 2817 ngx_quic_crypto_frame_t *f; |
2807 | 2818 |
2808 f = &frame->u.crypto; | 2819 f = &frame->u.crypto; |
2877 /* | 2888 /* |
2878 * 4.10.2 An endpoint MUST discard its handshake keys | 2889 * 4.10.2 An endpoint MUST discard its handshake keys |
2879 * when the TLS handshake is confirmed | 2890 * when the TLS handshake is confirmed |
2880 */ | 2891 */ |
2881 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_handshake); | 2892 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_handshake); |
2882 ngx_quic_free_frames(c, &ctx->sent); | 2893 |
2894 while (!ngx_queue_empty(&ctx->sent)) { | |
2895 q = ngx_queue_head(&ctx->sent); | |
2896 ngx_queue_remove(q); | |
2897 | |
2898 frame = ngx_queue_data(q, ngx_quic_frame_t, queue); | |
2899 ngx_quic_congestion_ack(c, frame); | |
2900 ngx_quic_free_frame(c, frame); | |
2901 } | |
2883 | 2902 |
2884 c->quic->pto_count = 0; | 2903 c->quic->pto_count = 0; |
2885 } | 2904 } |
2886 | 2905 |
2887 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | 2906 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |