Mercurial > hg > nginx

diff src/event/ngx_event_quic_transport.c @ 8386:81f85c479d7e quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Discard packets without fixed bit or reserved bits set. Section 17.2 and 17.3 of QUIC transport: Fixed bit: Packets containing a zero value for this bit are not valid packets in this version and MUST be discarded. Reserved bit: An endpoint MUST treat receipt of a packet that has a non-zero value for these bits, after removing both packet and header protection, as a connection error of type PROTOCOL_VIOLATION.
author Vladimir Homutov <vl@nginx.com>
date Thu, 14 May 2020 01:06:45 +0300
parents fb7422074258
children eebdda507ec3
line wrap: on
line diff
--- a/src/event/ngx_event_quic_transport.c
+++ b/src/event/ngx_event_quic_transport.c
@@ -265,6 +265,11 @@ ngx_quic_parse_long_header(ngx_quic_head
                    "quic long packet flags:%xi version:%xD",
                    pkt->flags, pkt->version);
 
+    if (!(pkt->flags & NGX_QUIC_PKT_FIXED_BIT)) {
+        ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic fixed bit is not set");
+        return NGX_DECLINED;
+    }
+
     if (pkt->version != NGX_QUIC_VERSION) {
         ngx_log_error(NGX_LOG_INFO, pkt->log, 0,
                       "quic unsupported version: 0x%xi", pkt->version);
@@ -443,6 +448,11 @@ ngx_quic_parse_short_header(ngx_quic_hea
     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pkt->log, 0,
                    "quic short packet flags:%xi", pkt->flags);
 
+    if (!(pkt->flags & NGX_QUIC_PKT_FIXED_BIT)) {
+        ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic fixed bit is not set");
+        return NGX_DECLINED;
+    }
+
     if (ngx_memcmp(p, dcid->data, dcid->len) != 0) {
         ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "unexpected quic dcid");
         return NGX_ERROR;