mirror of
https://github.com/nginx/nginx.git
synced 2024-11-23 20:19:02 +08:00
QUIC: use last client dcid to receive initial packets.
Previously, original dcid was used to receive initial client packets in case server initial response was lost. However, last dcid should be used instead. These two are the same unless retry is used. In case of retry, client resends initial packet with a new dcid, that is different from the original dcid. If server response is lost, the client resends this packet again with the same dcid. This is shown in RFC 9000, 7.3. Authenticating Connection IDs, Figure 8. The issue manifested itself with creating multiple server sessions in response to each post-retry client initial packet, if server response is lost.
This commit is contained in:
parent
24f3cb795e
commit
1bc204a3a5
@ -1110,7 +1110,7 @@ ngx_quic_discard_ctx(ngx_connection_t *c, enum ssl_encryption_level_t level)
|
||||
}
|
||||
|
||||
if (level == ssl_encryption_initial) {
|
||||
/* close temporary listener with odcid */
|
||||
/* close temporary listener with initial dcid */
|
||||
qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN);
|
||||
if (qsock) {
|
||||
ngx_quic_close_socket(c, qsock);
|
||||
|
@ -93,8 +93,8 @@ ngx_quic_open_sockets(ngx_connection_t *c, ngx_quic_connection_t *qc,
|
||||
|
||||
tmp->sid.seqnum = NGX_QUIC_UNSET_PN; /* temporary socket */
|
||||
|
||||
ngx_memcpy(tmp->sid.id, pkt->odcid.data, pkt->odcid.len);
|
||||
tmp->sid.len = pkt->odcid.len;
|
||||
ngx_memcpy(tmp->sid.id, pkt->dcid.data, pkt->dcid.len);
|
||||
tmp->sid.len = pkt->dcid.len;
|
||||
|
||||
if (ngx_quic_listen(c, qc, tmp) != NGX_OK) {
|
||||
goto failed;
|
||||
|
Loading…
Reference in New Issue
Block a user