mirror of
https://github.com/nginx/nginx.git
synced 2024-12-05 06:19:01 +08:00
Added tests for connection id lengths in initial packet.
This commit is contained in:
parent
d4f9bba111
commit
5ccda6882e
@ -579,6 +579,14 @@ ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp,
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) {
|
||||
/* 7.2. Negotiating Connection IDs */
|
||||
ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
||||
"quic too short dcid in initial packet: length %i",
|
||||
pkt->dcid.len);
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
c->log->action = "creating new quic connection";
|
||||
|
||||
qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t));
|
||||
|
@ -283,6 +283,12 @@ ngx_quic_parse_long_header(ngx_quic_header_t *pkt)
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
if (idlen > NGX_QUIC_CID_LEN_MAX) {
|
||||
ngx_log_error(NGX_LOG_INFO, pkt->log, 0,
|
||||
"quic packet dcid is too long");
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
pkt->dcid.len = idlen;
|
||||
|
||||
p = ngx_quic_read_bytes(p, end, idlen, &pkt->dcid.data);
|
||||
@ -299,6 +305,12 @@ ngx_quic_parse_long_header(ngx_quic_header_t *pkt)
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
if (idlen > NGX_QUIC_CID_LEN_MAX) {
|
||||
ngx_log_error(NGX_LOG_INFO, pkt->log, 0,
|
||||
"quic packet scid is too long");
|
||||
return NGX_ERROR;
|
||||
}
|
||||
|
||||
pkt->scid.len = idlen;
|
||||
|
||||
p = ngx_quic_read_bytes(p, end, idlen, &pkt->scid.data);
|
||||
|
@ -112,6 +112,9 @@
|
||||
#define NGX_QUIC_TP_PREFERRED_ADDRESS 0x0D
|
||||
#define NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT 0x0E
|
||||
|
||||
#define NGX_QUIC_CID_LEN_MIN 8
|
||||
#define NGX_QUIC_CID_LEN_MAX 20
|
||||
|
||||
|
||||
typedef struct {
|
||||
uint64_t largest;
|
||||
@ -130,7 +133,7 @@ typedef struct {
|
||||
uint64_t seqnum;
|
||||
uint64_t retire;
|
||||
uint8_t len;
|
||||
u_char cid[20];
|
||||
u_char cid[NGX_QUIC_CID_LEN_MAX];
|
||||
u_char srt[16];
|
||||
} ngx_quic_new_conn_id_frame_t;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user