Mercurial > hg > nginx
comparison src/event/ngx_event_quic_protection.c @ 8536:c6b963de0c00 quic
QUIC: pass return code from ngx_quic_decrypt() to the caller.
It is required to distinguish internal errors from corrupted packets and
perform actions accordingly: drop the packet or close the connection.
While there, made processing of ngx_quic_decrypt() erorrs similar and
removed couple of protocol violation errors.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 02 Sep 2020 22:34:15 +0300 |
parents | b13141d6d250 |
children | d3489d225f8f |
comparison
equal
deleted
inserted
replaced
8535:eb5aa85294e9 | 8536:c6b963de0c00 |
---|---|
1024 /* header protection */ | 1024 /* header protection */ |
1025 | 1025 |
1026 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) | 1026 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) |
1027 != NGX_OK) | 1027 != NGX_OK) |
1028 { | 1028 { |
1029 pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; | |
1030 return NGX_DECLINED; | 1029 return NGX_DECLINED; |
1031 } | 1030 } |
1032 | 1031 |
1033 if (ngx_quic_long_pkt(pkt->flags)) { | 1032 if (ngx_quic_long_pkt(pkt->flags)) { |
1034 clearflags = pkt->flags ^ (mask[0] & 0x0f); | 1033 clearflags = pkt->flags ^ (mask[0] & 0x0f); |
1101 ngx_quic_hexdump(pkt->log, "quic packet payload", | 1100 ngx_quic_hexdump(pkt->log, "quic packet payload", |
1102 pkt->payload.data, pkt->payload.len); | 1101 pkt->payload.data, pkt->payload.len); |
1103 #endif | 1102 #endif |
1104 | 1103 |
1105 if (rc != NGX_OK) { | 1104 if (rc != NGX_OK) { |
1106 pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; | |
1107 return NGX_DECLINED; | 1105 return NGX_DECLINED; |
1108 } | 1106 } |
1109 | 1107 |
1110 if (badflags) { | 1108 if (badflags) { |
1111 /* | 1109 /* |