diff src/event/quic/ngx_event_quic_connection.h @ 8939:ddd5e5c0f87d quic

QUIC: improved path validation. Previously, a path was considered valid for an arbitrarily selected 10m timeout since validation. This is not quite what RFC 9000 says; the relevant part is: An endpoint MAY skip validation of a peer address if that address has been seen recently. The patch considers a path to be 'recently seen' if packets were received during the idle timeout. If a packet is received from a path that was seen not so recently, such a path is considered new, and anti-amplification restrictions apply.
author Vladimir Homutov <vl@nginx.com>
date Mon, 13 Dec 2021 17:27:29 +0300
parents 1d7bf9778328
children fb41e37ddeb0
--- a/src/event/quic/ngx_event_quic_connection.h
+++ b/src/event/quic/ngx_event_quic_connection.h
@@ -86,6 +86,7 @@ struct ngx_quic_path_s {
     socklen_t                         socklen;
     ngx_uint_t                        state;
     ngx_msec_t                        expires;
+    ngx_msec_t                        last_seen;
     ngx_uint_t                        tries;
     off_t                             sent;
     off_t                             received;
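Review bot: The added `last_seen` member of `struct ngx_quic_path_s` has no comment, although per the commit message it now decides when a peer address may skip validation and the anti-amplification limit; I would document it, e.g. `/* time a packet was last received on this path, in msec; gates skipping validation */`. It replaces the `time_t validated_at` removed in the next hunk, so the unit changes from seconds to milliseconds. The code that compares it with the idle timeout is not in this file, but because `ngx_msec_t` is unsigned and wraps, that comparison should presumably use a signed difference such as `(ngx_msec_int_t) (now - path->last_seen)`. It is also worth confirming that a freshly allocated path cannot read as "recently seen" through a zero or stale `last_seen`. The struct definition starts before this hunk.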
@@ -93,7 +94,6 @@ struct ngx_quic_path_s {
     u_char                            challenge2[8];
     ngx_uint_t                        refcnt;
     uint64_t                          seqnum;
-    time_t                            validated_at;
     ngx_str_t                         addr_text;
     u_char                            text[NGX_SOCKADDR_STRLEN];
 };