Mercurial > hg > nginx
changeset 8445:3de1b7399650 quic
Close connection with PROTOCOL_VIOLATION on decryption failure.
A previously used undefined error code is now replaced with the generic one.
Note that quic-transport prescribes keeping connection intact, discarding such
QUIC packets individually, in the sense that coalesced packets could be there.
This is selectively handled in the next change.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 23 Jun 2020 11:57:00 +0300 |
parents | 769d8bdeffb0 |
children | df29219988bc |
files | src/event/ngx_event_quic_protection.c |
diffstat | 1 files changed, 2 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_quic_protection.c +++ b/src/event/ngx_event_quic_protection.c @@ -1050,7 +1050,7 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) != NGX_OK) { - pkt->error = NGX_QUIC_ERR_CRYPTO_ERROR; + pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; return NGX_ERROR; } @@ -1130,7 +1130,7 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, #endif if (rc != NGX_OK) { - pkt->error = NGX_QUIC_ERR_CRYPTO_ERROR; + pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; return rc; }