Mercurial > hg > nginx

changeset 8368:89ccb04736b9 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Server CID change.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 28 Apr 2020 18:24:01 +0300
parents c10e7d48aa85
children bddf704d62c1
files src/event/ngx_event_quic.c
diffstat 1 files changed, 32 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/ngx_event_quic.c
+++ b/src/event/ngx_event_quic.c
@@ -152,6 +152,7 @@ static int ngx_quic_send_alert(ngx_ssl_c
 static ngx_int_t ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl,
     ngx_quic_tp_t *tp, ngx_quic_header_t *pkt,
     ngx_connection_handler_pt handler);
+static ngx_int_t ngx_quic_new_cid(ngx_pool_t *pool, ngx_str_t *sid);
 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c);
 static void ngx_quic_input_handler(ngx_event_t *rev);
 
@@ -612,12 +613,13 @@ ngx_quic_new_connection(ngx_connection_t
     qc->congestion.ssthresh = NGX_MAX_SIZE_T_VALUE;
     qc->congestion.recovery_start = ngx_current_msec;
 
-    qc->dcid.len = pkt->dcid.len;
-    qc->dcid.data = ngx_pnalloc(c->pool, pkt->dcid.len);
-    if (qc->dcid.data == NULL) {
+    if (ngx_quic_new_cid(c->pool, &qc->dcid) != NGX_OK) {
         return NGX_ERROR;
     }
-    ngx_memcpy(qc->dcid.data, pkt->dcid.data, qc->dcid.len);
+
+#ifdef NGX_QUIC_DEBUG_PACKETS
+    ngx_quic_hexdump(c->log, "quic server CID", qc->dcid.data, qc->dcid.len);
+#endif
 
     qc->scid.len = pkt->scid.len;
     qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len);
@@ -636,7 +638,7 @@ ngx_quic_new_connection(ngx_connection_t
     keys = &c->quic->keys[ssl_encryption_initial];
 
     if (ngx_quic_set_initial_secret(c->pool, &keys->client, &keys->server,
-                                    &qc->dcid)
+                                    &pkt->dcid)
         != NGX_OK)
     {
         return NGX_ERROR;
@@ -668,6 +670,31 @@ ngx_quic_new_connection(ngx_connection_t
 
 
 static ngx_int_t
+ngx_quic_new_cid(ngx_pool_t *pool, ngx_str_t *cid)
+{
+    uint8_t len;
+
+    if (RAND_bytes(&len, sizeof(len)) != 1) {
+        return NGX_ERROR;
+    }
+
+    len = len % 10 + 10;
+
+    cid->len = len;
+    cid->data = ngx_pnalloc(pool, len);
+    if (cid->data == NULL) {
+        return NGX_ERROR;
+    }
+
+    if (RAND_bytes(cid->data, len) != 1) {
+        return NGX_ERROR;
+    }
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
 ngx_quic_init_connection(ngx_connection_t *c)
 {
     int                     n, sslerr;