Mercurial > hg > nginx
comparison src/event/ngx_event_quic_protection.c @ 8651:dbad2d6d1898 quic
QUIC: removed ngx_quic_hexdump() macro.
Instead, appropriate format specifier for hexadecimal is used
in ngx_log_debug().
The STREAM frame "data" debug is moved into ngx_quic_log_frame(), similar
to all other frame fields debug.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Fri, 27 Nov 2020 18:43:36 +0300 |
parents | 4bf332873a83 |
children | a4c05aff8ec0 |
comparison
equal
deleted
inserted
replaced
8650:9dce2978e4fd | 8651:dbad2d6d1898 |
---|---|
181 }; | 181 }; |
182 | 182 |
183 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pool->log, 0, | 183 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pool->log, 0, |
184 "quic ngx_quic_set_initial_secret"); | 184 "quic ngx_quic_set_initial_secret"); |
185 #ifdef NGX_QUIC_DEBUG_CRYPTO | 185 #ifdef NGX_QUIC_DEBUG_CRYPTO |
186 ngx_quic_hexdump(pool->log, "quic salt", salt, sizeof(salt)); | 186 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, |
187 ngx_quic_hexdump(pool->log, "quic initial secret", is, is_len); | 187 "quic salt len:%uz %*xs", sizeof(salt), sizeof(salt), salt); |
188 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, | |
189 "quic initial secret len:%uz %*xs", is_len, is_len, is); | |
188 #endif | 190 #endif |
189 | 191 |
190 /* draft-ietf-quic-tls-23#section-5.2 */ | 192 /* draft-ietf-quic-tls-23#section-5.2 */ |
191 client->secret.len = SHA256_DIGEST_LENGTH; | 193 client->secret.len = SHA256_DIGEST_LENGTH; |
192 server->secret.len = SHA256_DIGEST_LENGTH; | 194 server->secret.len = SHA256_DIGEST_LENGTH; |
290 "ngx_hkdf_expand(%V) failed", label); | 292 "ngx_hkdf_expand(%V) failed", label); |
291 return NGX_ERROR; | 293 return NGX_ERROR; |
292 } | 294 } |
293 | 295 |
294 #ifdef NGX_QUIC_DEBUG_CRYPTO | 296 #ifdef NGX_QUIC_DEBUG_CRYPTO |
295 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pool->log, 0, "quic expand %V", label); | 297 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, |
296 ngx_quic_hexdump(pool->log, "quic key", out->data, out->len); | 298 "quic expand %V key len:%uz %xV", label, out->len, out); |
297 #endif | 299 #endif |
298 | 300 |
299 return NGX_OK; | 301 return NGX_OK; |
300 } | 302 } |
301 | 303 |
838 ad.len = ngx_quic_create_header(pkt, ad.data, out.len, &pnp); | 840 ad.len = ngx_quic_create_header(pkt, ad.data, out.len, &pnp); |
839 | 841 |
840 out.data = res->data + ad.len; | 842 out.data = res->data + ad.len; |
841 | 843 |
842 #ifdef NGX_QUIC_DEBUG_CRYPTO | 844 #ifdef NGX_QUIC_DEBUG_CRYPTO |
843 ngx_quic_hexdump(pkt->log, "quic ad", ad.data, ad.len); | 845 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, |
846 "quic ad len:%uz %xV", ad.len, &ad); | |
844 #endif | 847 #endif |
845 | 848 |
846 if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR) | 849 if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR) |
847 { | 850 { |
848 return NGX_ERROR; | 851 return NGX_ERROR; |
908 | 911 |
909 itag.data = ad.data + ad.len; | 912 itag.data = ad.data + ad.len; |
910 itag.len = EVP_GCM_TLS_TAG_LEN; | 913 itag.len = EVP_GCM_TLS_TAG_LEN; |
911 | 914 |
912 #ifdef NGX_QUIC_DEBUG_CRYPTO | 915 #ifdef NGX_QUIC_DEBUG_CRYPTO |
913 ngx_quic_hexdump(pkt->log, "quic retry itag", ad.data, ad.len); | 916 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, |
917 "quic retry itag len:%uz %xV", ad.len, &ad); | |
914 #endif | 918 #endif |
915 | 919 |
916 if (ngx_quic_ciphers(0, &ciphers, pkt->level) == NGX_ERROR) { | 920 if (ngx_quic_ciphers(0, &ciphers, pkt->level) == NGX_ERROR) { |
917 return NGX_ERROR; | 921 return NGX_ERROR; |
918 } | 922 } |
980 } | 984 } |
981 | 985 |
982 ngx_memcpy(token, key, NGX_QUIC_SR_TOKEN_LEN); | 986 ngx_memcpy(token, key, NGX_QUIC_SR_TOKEN_LEN); |
983 | 987 |
984 #if (NGX_DEBUG) | 988 #if (NGX_DEBUG) |
985 ngx_quic_hexdump(c->log, "quic stateless reset token", token, | 989 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
986 (size_t) NGX_QUIC_SR_TOKEN_LEN); | 990 "quic stateless reset token %*xs", |
991 (size_t) NGX_QUIC_SR_TOKEN_LEN, token); | |
987 #endif | 992 #endif |
988 | 993 |
989 return NGX_OK; | 994 return NGX_OK; |
990 } | 995 } |
991 | 996 |
1136 | 1141 |
1137 ngx_memcpy(nonce, secret->iv.data, secret->iv.len); | 1142 ngx_memcpy(nonce, secret->iv.data, secret->iv.len); |
1138 ngx_quic_compute_nonce(nonce, sizeof(nonce), pn); | 1143 ngx_quic_compute_nonce(nonce, sizeof(nonce), pn); |
1139 | 1144 |
1140 #ifdef NGX_QUIC_DEBUG_CRYPTO | 1145 #ifdef NGX_QUIC_DEBUG_CRYPTO |
1141 ngx_quic_hexdump(pkt->log, "quic ad", ad.data, ad.len); | 1146 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, |
1147 "quic ad len:%uz %xV", ad.len, &ad); | |
1142 #endif | 1148 #endif |
1143 | 1149 |
1144 pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN; | 1150 pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN; |
1145 pkt->payload.data = pkt->plaintext + ad.len; | 1151 pkt->payload.data = pkt->plaintext + ad.len; |
1146 | 1152 |
1172 pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; | 1178 pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; |
1173 return NGX_ERROR; | 1179 return NGX_ERROR; |
1174 } | 1180 } |
1175 | 1181 |
1176 #if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS) | 1182 #if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS) |
1177 ngx_quic_hexdump(pkt->log, "quic packet payload", | 1183 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, |
1178 pkt->payload.data, pkt->payload.len); | 1184 "quic packet payload len:%uz %xV", |
1185 pkt->payload.len, &pkt->payload); | |
1179 #endif | 1186 #endif |
1180 | 1187 |
1181 *largest_pn = lpn; | 1188 *largest_pn = lpn; |
1182 | 1189 |
1183 return NGX_OK; | 1190 return NGX_OK; |