Mercurial > hg > nginx

comparison src/event/ngx_event_quic.c @ 8507:7f9938cbcd12 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: fixed leak of bytes_in_flight on keys discard. This applies to discarding Initial and Handshake keys.
author Sergey Kandaurov <pluknet@nginx.com>
date Fri, 14 Aug 2020 16:54:06 +0300
parents 03ec6ab67752
children 4604e6043657
comparison
equal deleted inserted replaced
8506:03ec6ab67752 8507:7f9938cbcd12
1733 1733
1734 static ngx_int_t 1734 static ngx_int_t
1735 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) 1735 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt)
1736 { 1736 {
1737 ngx_int_t rc; 1737 ngx_int_t rc;
1738 ngx_queue_t *q;
1739 ngx_quic_frame_t *f;
1738 ngx_quic_secrets_t *keys; 1740 ngx_quic_secrets_t *keys;
1739 ngx_quic_send_ctx_t *ctx; 1741 ngx_quic_send_ctx_t *ctx;
1740 ngx_quic_connection_t *qc; 1742 ngx_quic_connection_t *qc;
1741 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; 1743 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE];
1742 1744
1780 /* 1782 /*
1781 * 4.10.1. The successful use of Handshake packets indicates 1783 * 4.10.1. The successful use of Handshake packets indicates
1782 * that no more Initial packets need to be exchanged 1784 * that no more Initial packets need to be exchanged
1783 */ 1785 */
1784 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_initial); 1786 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_initial);
1785 ngx_quic_free_frames(c, &ctx->sent); 1787
1788 while (!ngx_queue_empty(&ctx->sent)) {
1789 q = ngx_queue_head(&ctx->sent);
1790 ngx_queue_remove(q);
1791
1792 f = ngx_queue_data(q, ngx_quic_frame_t, queue);
1793 ngx_quic_congestion_ack(c, f);
1794 ngx_quic_free_frame(c, f);
1795 }
1786 1796
1787 qc->validated = 1; 1797 qc->validated = 1;
1788 qc->pto_count = 0; 1798 qc->pto_count = 0;
1789 1799
1790 return ngx_quic_payload_handler(c, pkt); 1800 return ngx_quic_payload_handler(c, pkt);
2799 2809
2800 static ngx_int_t 2810 static ngx_int_t
2801 ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) 2811 ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data)
2802 { 2812 {
2803 int n, sslerr; 2813 int n, sslerr;
2814 ngx_queue_t *q;
2804 ngx_ssl_conn_t *ssl_conn; 2815 ngx_ssl_conn_t *ssl_conn;
2805 ngx_quic_send_ctx_t *ctx; 2816 ngx_quic_send_ctx_t *ctx;
2806 ngx_quic_crypto_frame_t *f; 2817 ngx_quic_crypto_frame_t *f;
2807 2818
2808 f = &frame->u.crypto; 2819 f = &frame->u.crypto;
2877 /* 2888 /*
2878 * 4.10.2 An endpoint MUST discard its handshake keys 2889 * 4.10.2 An endpoint MUST discard its handshake keys
2879 * when the TLS handshake is confirmed 2890 * when the TLS handshake is confirmed
2880 */ 2891 */
2881 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_handshake); 2892 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_handshake);
2882 ngx_quic_free_frames(c, &ctx->sent); 2893
2894 while (!ngx_queue_empty(&ctx->sent)) {
2895 q = ngx_queue_head(&ctx->sent);
2896 ngx_queue_remove(q);
2897
2898 frame = ngx_queue_data(q, ngx_quic_frame_t, queue);
2899 ngx_quic_congestion_ack(c, frame);
2900 ngx_quic_free_frame(c, frame);
2901 }
2883 2902
2884 c->quic->pto_count = 0; 2903 c->quic->pto_count = 0;
2885 } 2904 }
2886 2905
2887 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, 2906 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,