Mercurial > hg > nginx
comparison src/event/ngx_event_quic_protection.c @ 8536:c6b963de0c00 quic
QUIC: pass return code from ngx_quic_decrypt() to the caller.
It is required to distinguish internal errors from corrupted packets and
perform actions accordingly: drop the packet or close the connection.
While there, made processing of ngx_quic_decrypt() erorrs similar and
removed couple of protocol violation errors.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Wed, 02 Sep 2020 22:34:15 +0300 |
| parents | b13141d6d250 |
| children | d3489d225f8f |
comparison
equal
deleted
inserted
replaced
| 8535:eb5aa85294e9 | 8536:c6b963de0c00 |
|---|---|
| 1024 /* header protection */ | 1024 /* header protection */ |
| 1025 | 1025 |
| 1026 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) | 1026 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) |
| 1027 != NGX_OK) | 1027 != NGX_OK) |
| 1028 { | 1028 { |
| 1029 pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; | |
| 1030 return NGX_DECLINED; | 1029 return NGX_DECLINED; |
| 1031 } | 1030 } |
| 1032 | 1031 |
| 1033 if (ngx_quic_long_pkt(pkt->flags)) { | 1032 if (ngx_quic_long_pkt(pkt->flags)) { |
| 1034 clearflags = pkt->flags ^ (mask[0] & 0x0f); | 1033 clearflags = pkt->flags ^ (mask[0] & 0x0f); |
| 1101 ngx_quic_hexdump(pkt->log, "quic packet payload", | 1100 ngx_quic_hexdump(pkt->log, "quic packet payload", |
| 1102 pkt->payload.data, pkt->payload.len); | 1101 pkt->payload.data, pkt->payload.len); |
| 1103 #endif | 1102 #endif |
| 1104 | 1103 |
| 1105 if (rc != NGX_OK) { | 1104 if (rc != NGX_OK) { |
| 1106 pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; | |
| 1107 return NGX_DECLINED; | 1105 return NGX_DECLINED; |
| 1108 } | 1106 } |
| 1109 | 1107 |
| 1110 if (badflags) { | 1108 if (badflags) { |
| 1111 /* | 1109 /* |