comparison src/event/quic/ngx_event_quic_connid.c @ 8910:f8848f5a1014 quic

QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
author Vladimir Homutov <vl@nginx.com>
date Thu, 18 Nov 2021 14:19:31 +0300
parents e2ec952dc295
children b09f055daa4e
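--- a/src/event/quic/ngx_event_quic_connid.c
+++ b/src/event/quic/ngx_event_quic_connid.c
@@ -363,10 +363,43 @@
 ngx_quic_client_id_t *cid;
 ngx_quic_connection_t *qc;
 
 qc = ngx_quic_get_connection(c);
 
+if (f->sequence_number >= qc->server_seqnum) {
+/*
+* RFC 9000, 19.16.
+*
+* Receipt of a RETIRE_CONNECTION_ID frame containing a sequence
+* number greater than any previously sent to the peer MUST be
+* treated as a connection error of type PROTOCOL_VIOLATION.
+*/
+qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION;
+qc->error_reason = "sequence number of id to retire was never issued";
+
+return NGX_ERROR;
+}
+
+qsock = ngx_quic_get_socket(c);
+
+if (qsock->sid.seqnum == f->sequence_number) {
+
+/*
+* RFC 9000, 19.16.
+*
+* The sequence number specified in a RETIRE_CONNECTION_ID frame MUST
+* NOT refer to the Destination Connection ID field of the packet in
+* which the frame is contained. The peer MAY treat this as a
+* connection error of type PROTOCOL_VIOLATION.
+*/
+
+qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION;
+qc->error_reason = "sequence number of id to retire refers DCID";
+
+return NGX_ERROR;
+}
+
 qsock = ngx_quic_find_socket(c, f->sequence_number);
 if (qsock == NULL) {
 return NGX_OK;
 }
 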
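Review bot: The `>=` test at new line 368 matches the quoted RFC wording ("greater than any previously sent") only if `qc->server_seqnum` holds the next unissued sequence number rather than the last one issued. That is not visible in this section, so the boundary deserves a one-line comment such as `/* server_seqnum is the next number to be issued, so >= means "never issued" */`. At new line 384 the result of `ngx_quic_get_socket(c)` is dereferenced without a check, while the `ngx_quic_find_socket()` result just below is NULL-checked. If the current socket is guaranteed to exist while a frame is being handled, a short comment saying so would help, since this field is compared against a peer-controlled value. Reusing `qsock` first for the packet's own socket and then for the socket being retired also makes the two roles easy to confuse; a separate local for the first lookup would read more clearly. The enclosing function begins and ends outside the shown lines.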