Mercurial > hg > nginx
comparison src/event/ngx_event_quic_protection.c @ 8651:dbad2d6d1898 quic
QUIC: removed ngx_quic_hexdump() macro.
Instead, appropriate format specifier for hexadecimal is used
in ngx_log_debug().
The STREAM frame "data" debug is moved into ngx_quic_log_frame(), similar
to all other frame fields debug.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Fri, 27 Nov 2020 18:43:36 +0300 |
| parents | 4bf332873a83 |
| children | a4c05aff8ec0 |
comparison
equal
deleted
inserted
replaced
| 8650:9dce2978e4fd | 8651:dbad2d6d1898 |
|---|---|
| 181 }; | 181 }; |
| 182 | 182 |
| 183 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pool->log, 0, | 183 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pool->log, 0, |
| 184 "quic ngx_quic_set_initial_secret"); | 184 "quic ngx_quic_set_initial_secret"); |
| 185 #ifdef NGX_QUIC_DEBUG_CRYPTO | 185 #ifdef NGX_QUIC_DEBUG_CRYPTO |
| 186 ngx_quic_hexdump(pool->log, "quic salt", salt, sizeof(salt)); | 186 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, |
| 187 ngx_quic_hexdump(pool->log, "quic initial secret", is, is_len); | 187 "quic salt len:%uz %*xs", sizeof(salt), sizeof(salt), salt); |
| 188 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, | |
| 189 "quic initial secret len:%uz %*xs", is_len, is_len, is); | |
| 188 #endif | 190 #endif |
| 189 | 191 |
| 190 /* draft-ietf-quic-tls-23#section-5.2 */ | 192 /* draft-ietf-quic-tls-23#section-5.2 */ |
| 191 client->secret.len = SHA256_DIGEST_LENGTH; | 193 client->secret.len = SHA256_DIGEST_LENGTH; |
| 192 server->secret.len = SHA256_DIGEST_LENGTH; | 194 server->secret.len = SHA256_DIGEST_LENGTH; |
| 290 "ngx_hkdf_expand(%V) failed", label); | 292 "ngx_hkdf_expand(%V) failed", label); |
| 291 return NGX_ERROR; | 293 return NGX_ERROR; |
| 292 } | 294 } |
| 293 | 295 |
| 294 #ifdef NGX_QUIC_DEBUG_CRYPTO | 296 #ifdef NGX_QUIC_DEBUG_CRYPTO |
| 295 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pool->log, 0, "quic expand %V", label); | 297 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, |
| 296 ngx_quic_hexdump(pool->log, "quic key", out->data, out->len); | 298 "quic expand %V key len:%uz %xV", label, out->len, out); |
| 297 #endif | 299 #endif |
| 298 | 300 |
| 299 return NGX_OK; | 301 return NGX_OK; |
| 300 } | 302 } |
| 301 | 303 |
| 838 ad.len = ngx_quic_create_header(pkt, ad.data, out.len, &pnp); | 840 ad.len = ngx_quic_create_header(pkt, ad.data, out.len, &pnp); |
| 839 | 841 |
| 840 out.data = res->data + ad.len; | 842 out.data = res->data + ad.len; |
| 841 | 843 |
| 842 #ifdef NGX_QUIC_DEBUG_CRYPTO | 844 #ifdef NGX_QUIC_DEBUG_CRYPTO |
| 843 ngx_quic_hexdump(pkt->log, "quic ad", ad.data, ad.len); | 845 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, |
| 846 "quic ad len:%uz %xV", ad.len, &ad); | |
| 844 #endif | 847 #endif |
| 845 | 848 |
| 846 if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR) | 849 if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR) |
| 847 { | 850 { |
| 848 return NGX_ERROR; | 851 return NGX_ERROR; |
| 908 | 911 |
| 909 itag.data = ad.data + ad.len; | 912 itag.data = ad.data + ad.len; |
| 910 itag.len = EVP_GCM_TLS_TAG_LEN; | 913 itag.len = EVP_GCM_TLS_TAG_LEN; |
| 911 | 914 |
| 912 #ifdef NGX_QUIC_DEBUG_CRYPTO | 915 #ifdef NGX_QUIC_DEBUG_CRYPTO |
| 913 ngx_quic_hexdump(pkt->log, "quic retry itag", ad.data, ad.len); | 916 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, |
| 917 "quic retry itag len:%uz %xV", ad.len, &ad); | |
| 914 #endif | 918 #endif |
| 915 | 919 |
| 916 if (ngx_quic_ciphers(0, &ciphers, pkt->level) == NGX_ERROR) { | 920 if (ngx_quic_ciphers(0, &ciphers, pkt->level) == NGX_ERROR) { |
| 917 return NGX_ERROR; | 921 return NGX_ERROR; |
| 918 } | 922 } |
| 980 } | 984 } |
| 981 | 985 |
| 982 ngx_memcpy(token, key, NGX_QUIC_SR_TOKEN_LEN); | 986 ngx_memcpy(token, key, NGX_QUIC_SR_TOKEN_LEN); |
| 983 | 987 |
| 984 #if (NGX_DEBUG) | 988 #if (NGX_DEBUG) |
| 985 ngx_quic_hexdump(c->log, "quic stateless reset token", token, | 989 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 986 (size_t) NGX_QUIC_SR_TOKEN_LEN); | 990 "quic stateless reset token %*xs", |
| 991 (size_t) NGX_QUIC_SR_TOKEN_LEN, token); | |
| 987 #endif | 992 #endif |
| 988 | 993 |
| 989 return NGX_OK; | 994 return NGX_OK; |
| 990 } | 995 } |
| 991 | 996 |
| 1136 | 1141 |
| 1137 ngx_memcpy(nonce, secret->iv.data, secret->iv.len); | 1142 ngx_memcpy(nonce, secret->iv.data, secret->iv.len); |
| 1138 ngx_quic_compute_nonce(nonce, sizeof(nonce), pn); | 1143 ngx_quic_compute_nonce(nonce, sizeof(nonce), pn); |
| 1139 | 1144 |
| 1140 #ifdef NGX_QUIC_DEBUG_CRYPTO | 1145 #ifdef NGX_QUIC_DEBUG_CRYPTO |
| 1141 ngx_quic_hexdump(pkt->log, "quic ad", ad.data, ad.len); | 1146 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, |
| 1147 "quic ad len:%uz %xV", ad.len, &ad); | |
| 1142 #endif | 1148 #endif |
| 1143 | 1149 |
| 1144 pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN; | 1150 pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN; |
| 1145 pkt->payload.data = pkt->plaintext + ad.len; | 1151 pkt->payload.data = pkt->plaintext + ad.len; |
| 1146 | 1152 |
| 1172 pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; | 1178 pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; |
| 1173 return NGX_ERROR; | 1179 return NGX_ERROR; |
| 1174 } | 1180 } |
| 1175 | 1181 |
| 1176 #if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS) | 1182 #if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS) |
| 1177 ngx_quic_hexdump(pkt->log, "quic packet payload", | 1183 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, |
| 1178 pkt->payload.data, pkt->payload.len); | 1184 "quic packet payload len:%uz %xV", |
| 1185 pkt->payload.len, &pkt->payload); | |
| 1179 #endif | 1186 #endif |
| 1180 | 1187 |
| 1181 *largest_pn = lpn; | 1188 *largest_pn = lpn; |
| 1182 | 1189 |
| 1183 return NGX_OK; | 1190 return NGX_OK; |