Mercurial > hg > nginx

diff src/event/quic/ngx_event_quic_tokens.h @ 9026:3550b00d9dc8 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: avoided pool usage in token calculation.
author Vladimir Homutov <vl@nginx.com>
date Tue, 31 May 2022 11:05:22 +0400
parents 4117aa7fa38e
children 77c1418916f7
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_tokens.h
+++ b/src/event/quic/ngx_event_quic_tokens.h
@@ -12,9 +12,21 @@
 #include <ngx_core.h>
 
 
+#define NGX_QUIC_MAX_TOKEN_SIZE              64
+    /* SHA-1(addr)=20 + sizeof(time_t) + retry(1) + odcid.len(1) + odcid */
+
+/* RFC 3602, 2.1 and 2.4 for AES-CBC block size and IV length */
+#define NGX_QUIC_AES_256_CBC_IV_LEN          16
+#define NGX_QUIC_AES_256_CBC_BLOCK_SIZE      16
+
+#define NGX_QUIC_TOKEN_BUF_SIZE             (NGX_QUIC_AES_256_CBC_IV_LEN      \
+                                             + NGX_QUIC_MAX_TOKEN_SIZE        \
+                                             + NGX_QUIC_AES_256_CBC_BLOCK_SIZE)
+
+
 ngx_int_t ngx_quic_new_sr_token(ngx_connection_t *c, ngx_str_t *cid,
     u_char *secret, u_char *token);
-ngx_int_t ngx_quic_new_token(ngx_connection_t *c, struct sockaddr *sockaddr,
+ngx_int_t ngx_quic_new_token(ngx_log_t *log, struct sockaddr *sockaddr,
     socklen_t socklen, u_char *key, ngx_str_t *token, ngx_str_t *odcid,
     time_t expires, ngx_uint_t is_retry);
 ngx_int_t ngx_quic_validate_token(ngx_connection_t *c,