# HG changeset patch # User Sergey Kandaurov # Date 1605648742 0 # Node ID 5fdd0ef422323e12fca2b7ef95bcb51933583c64 # Parent 05b1ee4643503c98031ad28bf8c9a18b579fe24a QUIC: macros for manipulating header protection and reserved bits. This gets rid of magic numbers from quic protection and allows to push down header construction specifics further to quic transport. diff --git a/src/event/ngx_event_quic_protection.c b/src/event/ngx_event_quic_protection.c --- a/src/event/ngx_event_quic_protection.c +++ b/src/event/ngx_event_quic_protection.c @@ -870,7 +870,7 @@ ngx_quic_create_long_packet(ngx_quic_hea } /* quic-tls: 5.4.1. Header Protection Application */ - ad.data[0] ^= mask[0] & 0x0f; + ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); for (i = 0; i < pkt->num_len; i++) { pnp[i] ^= mask[i + 1]; @@ -928,7 +928,7 @@ ngx_quic_create_short_packet(ngx_quic_he } /* quic-tls: 5.4.1. Header Protection Application */ - ad.data[0] ^= mask[0] & 0x1f; + ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); for (i = 0; i < pkt->num_len; i++) { pnp[i] ^= mask[i + 1]; @@ -1161,11 +1161,9 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, return NGX_DECLINED; } - if (ngx_quic_long_pkt(pkt->flags)) { - clearflags = pkt->flags ^ (mask[0] & 0x0f); + clearflags = pkt->flags ^ (mask[0] & ngx_quic_pkt_hp_mask(pkt->flags)); - } else { - clearflags = pkt->flags ^ (mask[0] & 0x1f); + if (ngx_quic_short_pkt(pkt->flags)) { key_phase = (clearflags & NGX_QUIC_PKT_KPHASE) != 0; if (key_phase != pkt->key_phase) { @@ -1192,12 +1190,7 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, in.data = p; in.len = len - pnl; - if (ngx_quic_long_pkt(pkt->flags)) { - badflags = clearflags & NGX_QUIC_PKT_LONG_RESERVED_BIT; - - } else { - badflags = clearflags & NGX_QUIC_PKT_SHORT_RESERVED_BIT; - } + badflags = clearflags & ngx_quic_pkt_rb_mask(pkt->flags); ad.len = p - pkt->data; ad.data = pkt->plaintext; diff --git a/src/event/ngx_event_quic_transport.h b/src/event/ngx_event_quic_transport.h --- a/src/event/ngx_event_quic_transport.h +++ b/src/event/ngx_event_quic_transport.h @@ -19,9 +19,6 @@ #define NGX_QUIC_PKT_TYPE 0x30 /* in long packet */ #define NGX_QUIC_PKT_KPHASE 0x04 /* in short packet */ -#define NGX_QUIC_PKT_LONG_RESERVED_BIT 0x0C -#define NGX_QUIC_PKT_SHORT_RESERVED_BIT 0x18 - #define ngx_quic_long_pkt(flags) ((flags) & NGX_QUIC_PKT_LONG) #define ngx_quic_short_pkt(flags) (((flags) & NGX_QUIC_PKT_LONG) == 0) @@ -40,6 +37,11 @@ #define ngx_quic_pkt_retry(flags) \ (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_RETRY) +#define ngx_quic_pkt_rb_mask(flags) \ + (ngx_quic_long_pkt(flags) ? 0x0C : 0x18) +#define ngx_quic_pkt_hp_mask(flags) \ + (ngx_quic_long_pkt(flags) ? 0x0F : 0x1F) + #define ngx_quic_level_name(lvl) \ (lvl == ssl_encryption_application) ? "app" \ : (lvl == ssl_encryption_initial) ? "init" \